ctucx.git: ansible-configs

dnsmasq: add role

diff --git a/roles/dnsmasq/tasks/main.yml b/roles/dnsmasq/tasks/main.yml
@@ -0,0 +1,18 @@
+---
+
+- name: "Install package: dnsmasq" 
+  apk:
+   name: dnsmasq 
+   state: present
+   update_cache: yes
+
+- name: "create file: /etc/dnsmasq.d/ansible.conf"
+  template:
+    src: dnsmasq.conf.j2
+    dest: /etc/dnsmasq.d/ansible.conf
+
+- name: "Enable and restart service: dnsmasq"
+  service:
+   name: dnsmasq
+   enabled: yes
+   state: restarted

diff --git a/roles/dnsmasq/templates/dnsmasq.conf.j2 b/roles/dnsmasq/templates/dnsmasq.conf.j2
@@ -0,0 +1,34 @@
+except-interface=eth0
+no-resolv
+
+# filter what we send upstream
+domain-needed
+bogus-priv
+
+server=1.1.1.1@eth0
+server=1.0.0.1@eth0
+server=8.8.8.8@eth0
+server=8.8.4.4@eth0
+
+# allow /etc/hosts and dhcp lookups for local domains
+local=/home.ctu.cx/
+domain=home.ctu.cx
+
+expand-hosts
+read-ethers
+
+enable-ra
+quiet-ra
+
+dhcp-range=10.0.0.40, 10.0.0.254,48h
+dhcp-range=::10, ::400, constructor:brlan ra-names, slaac, 48h
+dhcp-option=option6:information-refresh-time,6h
+
+dhcp-authoritative
+dhcp-rapid-commit
+
+# IPv4 DNS server
+dhcp-option=option:dns-server,10.0.0.1
+
+# IPv4 gateway
+dhcp-option=option:router,10.0.0.1