From 57e43b1396dcc326ac2ef98425d9db41d1c4fb3a Mon Sep 17 00:00:00 2001
From: Timo Makinen <tmakinen@foo.sh>
Date: Thu, 20 Feb 2025 21:11:08 +0000
Subject: [PATCH] systemd_resolved: Don't use dns from connections

---
 roles/systemd_resolved/files/resolved.conf | 2 ++
 roles/systemd_resolved/handlers/main.yml   | 5 +++++
 roles/systemd_resolved/tasks/main.yml      | 9 +++++++++
 3 files changed, 16 insertions(+)
 create mode 100644 roles/systemd_resolved/files/resolved.conf

diff --git a/roles/systemd_resolved/files/resolved.conf b/roles/systemd_resolved/files/resolved.conf
new file mode 100644
index 0000000..e4d2629
--- /dev/null
+++ b/roles/systemd_resolved/files/resolved.conf
@@ -0,0 +1,2 @@
+[global-dns-domain-*]
+servers=127.0.0.53
diff --git a/roles/systemd_resolved/handlers/main.yml b/roles/systemd_resolved/handlers/main.yml
index 0bbce3d..dd37621 100644
--- a/roles/systemd_resolved/handlers/main.yml
+++ b/roles/systemd_resolved/handlers/main.yml
@@ -3,3 +3,8 @@
   ansible.builtin.service:
     name: systemd-resolved
     state: restarted
+
+- name: Restart NetworkManager
+  ansible.builtin.service:
+    name: NetworkManager
+    state: restarted
diff --git a/roles/systemd_resolved/tasks/main.yml b/roles/systemd_resolved/tasks/main.yml
index 43371a6..bb690d6 100644
--- a/roles/systemd_resolved/tasks/main.yml
+++ b/roles/systemd_resolved/tasks/main.yml
@@ -21,6 +21,15 @@
     group: "{{ ansible_wheel }}"
   notify: Restart systemd-resolved
 
+- name: Do not use connection specific DNS servers
+  ansible.builtin.copy:
+    dest: /etc/NetworkManager/conf.d/resolved.conf
+    src: resolved.conf
+    mode: "0644"
+    owner: root
+    group: "{{ ansible_wheel }}"
+  notify: Restart NetworkManager
+
 - name: Enable service
   ansible.builtin.service:
     name: systemd-resolved