From 6cba945cb8684736b1478383768f52b294968810 Mon Sep 17 00:00:00 2001 From: Timo Makinen Date: Thu, 20 Feb 2025 21:52:58 +0000 Subject: [PATCH] Move to static DNS servers and use DoT This now affects only Fedora and OpenBSD hosts --- group_vars/all.yml | 5 +++++ group_vars/fsolgw.yml | 1 - group_vars/home.yml | 5 +++++ group_vars/proxy.yml | 2 -- group_vars/relay.yml | 2 -- group_vars/vultr.yml | 4 ---- 6 files changed, 10 insertions(+), 9 deletions(-) create mode 100644 group_vars/home.yml delete mode 100644 group_vars/vultr.yml diff --git a/group_vars/all.yml b/group_vars/all.yml index 4814110..13c4354 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -31,5 +31,10 @@ boot_url: https://boot.foo.sh # ssh public keys for logsync user logsync_publickeys: "{{ lookup('file', '../files/ssh/logsync.pub') }}" +# default name servers +network_dns_servers: + - 8.8.8.8 + - 8.8.4.4 + # hardcode this for now ansible_datacenter: home diff --git a/group_vars/fsolgw.yml b/group_vars/fsolgw.yml index f45c486..6012a52 100644 --- a/group_vars/fsolgw.yml +++ b/group_vars/fsolgw.yml @@ -7,7 +7,6 @@ network_vip_interfaces: ip6addr: 2a00:4cc1:6:1006::1 ip6netmask: 64 pass: "{{ vip145_pass }}" -network_dns_servers: [172.20.20.10, 172.20.21.1, 172.20.21.2] # use custom firewall and ifstated config firewall_src: pf.conf.gw_fsol diff --git a/group_vars/home.yml b/group_vars/home.yml new file mode 100644 index 0000000..d8558c0 --- /dev/null +++ b/group_vars/home.yml @@ -0,0 +1,5 @@ +--- +network_dns_servers: + - 172.20.20.10 + - 172.20.20.11 + - 172.20.20.12 diff --git a/group_vars/proxy.yml b/group_vars/proxy.yml index bb5decb..ea7cba9 100644 --- a/group_vars/proxy.yml +++ b/group_vars/proxy.yml @@ -4,8 +4,6 @@ mem_size: 1024 # use bigger disk for os as we have web site data there dsk_size: 30 -network_dns_servers: - - 172.20.20.10 network_default_gateway: 37.16.96.145 network_vip_interfaces: diff --git a/group_vars/relay.yml b/group_vars/relay.yml index 622e743..a52f0b5 100644 --- a/group_vars/relay.yml +++ b/group_vars/relay.yml @@ -1,6 +1,4 @@ --- -network_dns_servers: - - 172.20.20.10 network_default_gateway: 37.16.96.145 network_vip_interfaces: diff --git a/group_vars/vultr.yml b/group_vars/vultr.yml deleted file mode 100644 index af46a03..0000000 --- a/group_vars/vultr.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -network_dns_servers: - - 8.8.8.8 - - 9.9.9.9