M playbook.yml => playbook.yml +0 -5
@@ 81,11 81,6 @@
- hosts: dns
tasks:
- import_role:
- name: dnscrypt-proxy
- tags:
- - dnscrypt-proxy
-
- - import_role:
name: unbound-blocklist
tags:
- unbound-blocklist
D roles/dnscrypt-proxy/defaults/main.yml => roles/dnscrypt-proxy/defaults/main.yml +0 -45
@@ 1,45 0,0 @@
----
-dnscrypt_proxy_addresses:
- - "127.0.0.1:5353"
-
-dnscrypt_proxy_cache: yes
-
-dnscrypt_proxy_cache_size: 512
-
-dnscrypt_proxy_cache_min_ttl: 600
-
-dnscrypt_proxy_cache_max_ttl: 86400
-
-dnscrypt_proxy_cache_neg_min_ttl: 60
-
-dnscrypt_proxy_cache_neg_max_ttl: 600
-
-dnscrypt_proxy_fallback_resolver: "1.1.1.1:53"
-
-dnscrypt_proxy_logger: |
- #!/usr/local/bin/execlineb -P
- s6-log -b n10 s1000000 t !"gzip -nq9" /var/log/dnscrypt-proxy/
-
-dnscrypt_proxy_max_clients: 100
-
-dnscrypt_proxy_require_servers:
- - dnssec
- - nolog
- - nofilter
-
-dnscrypt_proxy_sources:
- - name: public-resolvers
- urls:
- - https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v2/public-resolvers.md
- - https://download.dnscrypt.info/resolvers-list/v2/public-resolvers.md
- minisign_key: RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3
- refresh_delay: 72
- prefix: ''
-
-dnscrypt_proxy_use_servers:
- - ipv4
- - dnscrypt
- - doh
-
-dnscrypt_proxy_upstreams:
- - cloudflare
M roles/dnscrypt-proxy/tasks/main.yml => roles/dnscrypt-proxy/tasks/main.yml +7 -59
@@ 1,69 1,17 @@
---
-## Install
-##
-
-- name: install dnscrypt-proxy
- become: yes
- pkgng:
- name: dnscrypt-proxy2
- state: present
- notify:
- - restart dnscrypt-proxy
-
-
-## Configure
-##
-
-- name: configure dnscrypt-proxy
- become: yes
- template:
- src: dnscrypt-proxy.toml.j2
- dest: /usr/local/etc/dnscrypt-proxy/dnscrypt-proxy.toml
- notify:
- - restart dnscrypt-proxy
-
-
-## Supervise
-##
-
-- name: ensure dnscrypt-proxy service directories
+- name: delete dnscrypt-proxy service directories
become: yes
file:
- dest: "{{item}}"
- state: directory
- with_items:
- - /var/service/dnscrypt-proxy
- - /var/service/dnscrypt-proxy/log
-
-- name: install dnscrypt-proxy service
- become: yes
- copy:
- dest: /var/service/dnscrypt-proxy/run
- mode: 0555
- content: |
- #!/usr/local/bin/execlineb -P
- fdmove -c 2 1
- {% if dnscrypt_proxy_drop_privileges_early %}
- s6-setuidgid _dnscrypt-proxy
- {% endif %}
- /usr/local/sbin/dnscrypt-proxy -config /usr/local/etc/dnscrypt-proxy/dnscrypt-proxy.toml
+ dest: "/var/service/dnscrypt-proxy"
+ state: absent
notify:
- rescan s6
- - restart dnscrypt-proxy
-- name: install dnscrypt-proxy log service
+- name: remove dnscrypt-proxy
become: yes
- copy:
- dest: /var/service/dnscrypt-proxy/log/run
- mode: 0555
- content: "{{dnscrypt_proxy_logger}}"
- notify:
- - rescan s6
- - restart dnscrypt-proxy logger
-
-
-## Per-role flush
-##
+ pkgng:
+ name: dnscrypt-proxy2
+ state: absent
- name: flush handler
become: yes
D roles/dnscrypt-proxy/templates/dnscrypt-proxy.toml.j2 => roles/dnscrypt-proxy/templates/dnscrypt-proxy.toml.j2 +0 -56
@@ 1,56 0,0 @@
-{% if dnscrypt_proxy_upstreams %}
-server_names = [{% for upstream in dnscrypt_proxy_upstreams %}"{{upstream}}"{% if not loop.last %}, {% endif %}{% endfor %}]
-{% endif %}
-listen_addresses = [{% for addr in dnscrypt_proxy_addresses %}"{{addr}}"{% if not loop.last %}, {% endif %}{% endfor %}]
-max_clients = {{dnscrypt_proxy_max_clients}}
-{% if not dnscrypt_proxy_drop_privileges_early %}
-username = "_dnscrypt-proxy"
-{% endif %}
-
-{% if dnscrypt_proxy_use_servers %}
-## Require servers
-##
-
-{% for server in dnscrypt_proxy_use_servers %}
-{{server}}_servers = true
-{% endfor %}
-
-{% endif %}
-{% if dnscrypt_proxy_require_servers %}
-## Require properties
-##
-
-{% for require in dnscrypt_proxy_require_servers %}
-require_{{require}} = true
-{% endfor %}
-
-{% endif %}
-force_tcp = false
-timeout = 2500
-cert_refresh_delay = 240
-fallback_resolver = "{{dnscrypt_proxy_fallback_resolver}}"
-ignore_system_dns = true
-block_ipv6 = false
-
-{% if dnscrypt_proxy_cache %}
-## Cache
-##
-
-cache = true
-cache_size = {{dnscrypt_proxy_cache_size}}
-cache_min_ttl = {{dnscrypt_proxy_cache_min_ttl}}
-cache_max_ttl = {{dnscrypt_proxy_cache_max_ttl}}
-cache_neg_min_ttl = {{dnscrypt_proxy_cache_neg_min_ttl}}
-cache_neg_max_ttl = {{dnscrypt_proxy_cache_neg_max_ttl}}
-
-{% endif %}
-[sources]
-{% for source in dnscrypt_proxy_sources %}
-
- [sources.{{source.name}}]
- urls = [{% for u in source.urls %}"{{u}}"{% if not loop.last %}, {% endif %}{% endfor %}]
- cache_file = "{{source.name}}.md"
- minisign_key = "{{source.minisign_key}}"
- refresh_delay = {{source.refresh_delay}}
- prefix = "{{source.prefix}}"
-{% endfor %}