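# Tasks for a PowerDNS node backed by PostgreSQL, reached over a WireGuard
# tunnel. Order: packages, tunnel, free port 53 from systemd-resolved,
# PostgreSQL config, then the database and PowerDNS includes.
# Hosts with powerdns_admin set take the "write" database path and also get
# powerdns-admin; all other hosts take the "read" path.

- name: install stuff from apt
  apt:
    name:
      - pdns-server
      - pdns-backend-pgsql
      - wireguard-tools
      - python3-psycopg2
      - postgresql

# The template is not visible here, but a wg-quick config normally carries the
# interface PrivateKey. Without an explicit mode the file inherits the umask
# default (typically world-readable), so pin it to root-only.
- name: configure wireguard tunnel
  template:
    src: wireguard.conf
    dest: /etc/wireguard/wg0.conf
    owner: root
    group: root
    mode: "0600"
  notify:
    - restart wg-quick@wg0

# Only enables the unit at boot; starting it is left to the handler above.
- name: enable the wireguard tunnel
  service:
    name: wg-quick@wg0
    enabled: true

# The resolved.conf probe gates the two systemd-resolved tasks below.
- name: check if resolved is installed
  stat:
    path: /etc/systemd/resolved.conf
  register: resolvedconf

- name: create resolved.conf.d
  file:
    path: /etc/systemd/resolved.conf.d
    state: directory
  when: resolvedconf.stat.exists

- name: disable systemd-resolved stub listener (its probably using port 53 and we need it)
  template:
    src: systemd-resolved.conf
    dest: /etc/systemd/resolved.conf.d/10-disable-stub-listener.conf
  notify:
    - restart systemd-resolved
  when: resolvedconf.stat.exists

# NOTE(review): the path hard-codes PostgreSQL major version 15 while the apt
# task installs the unversioned "postgresql" package; confirm they match on
# every target release.
- name: configure postgres for streaming replication
  template:
    src: postgres.conf
    dest: /etc/postgresql/15/main/conf.d/replication.conf
  notify:
    - restart postgresql

# Applied only on the powerdns_admin host.
# NOTE(review): neither users nor method is set, so the module defaults apply
# (believed to be all users with md5; confirm against the installed
# community.postgresql version). Consider restricting users to the role the
# remote nodes actually connect as, and pinning method explicitly.
# NOTE(review): 10.6.0.0/24 is presumably the WireGuard subnet; verify.
- name: configure postgres remote access
  community.postgresql.postgresql_pg_hba:
    address: 10.6.0.0/24
    contype: host
    databases: pdns
    dest: /etc/postgresql/15/main/pg_hba.conf
  notify:
    - restart postgresql
  when: powerdns_admin|default(false)

# Run the notified restarts now so the included database tasks see the new
# tunnel, resolver and PostgreSQL configuration.
- meta: flush_handlers

# Database setup runs as the postgres system user on both paths.
- include_tasks:
    file: postgresql-write.yml
    apply:
      become: true
      become_user: postgres
  when: powerdns_admin|default(false)

- include_tasks:
    file: postgresql-read.yml
    apply:
      become: true
      become_user: postgres
  when: not powerdns_admin|default(false)

- include_tasks: powerdns.yml

# Apply any handlers notified by the includes above before powerdns-admin.
- meta: flush_handlers

- include_tasks: powerdns-admin.yml
  when: powerdns_admin|default(false)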