Enable DNSSEC
This commit is contained in:
parent
fb236fed86
commit
993abc81bb
|
@ -1,3 +1,22 @@
|
||||||
|
- name: 'DNS: Enable DNSSEC'
|
||||||
|
tags:
|
||||||
|
- config
|
||||||
|
- dns
|
||||||
|
block:
|
||||||
|
- name: 'DNS: Enable DNSSEC configuration'
|
||||||
|
lineinfile:
|
||||||
|
path: '/etc/systemd/resolved.conf'
|
||||||
|
state: present
|
||||||
|
regexp: 'DNSSEC='
|
||||||
|
line: 'DNSSEC=yes'
|
||||||
|
become: true
|
||||||
|
|
||||||
|
- name: 'DNS: Restart resolver'
|
||||||
|
systemd:
|
||||||
|
name: systemd-resolved
|
||||||
|
state: restarted
|
||||||
|
become: true
|
||||||
|
|
||||||
- name: 'IPv6: Privacy'
|
- name: 'IPv6: Privacy'
|
||||||
tags:
|
tags:
|
||||||
- config
|
- config
|
||||||
|
@ -5,7 +24,7 @@
|
||||||
block:
|
block:
|
||||||
- name: 'IPv6: Privacy: Temporary addressing defaults'
|
- name: 'IPv6: Privacy: Temporary addressing defaults'
|
||||||
lineinfile:
|
lineinfile:
|
||||||
path: "/etc/ufw/sysctl.conf"
|
path: '/etc/ufw/sysctl.conf'
|
||||||
state: present
|
state: present
|
||||||
regexp: "net/ipv6/conf/{{ item }}/use_tempaddr"
|
regexp: "net/ipv6/conf/{{ item }}/use_tempaddr"
|
||||||
line: "net/ipv6/conf/{{ item }}/use_tempaddr=2"
|
line: "net/ipv6/conf/{{ item }}/use_tempaddr=2"
|
||||||
|
|
Loading…
Reference in a new issue