tasks/preparing.yml

---
#  Disable tools, such as resolvconf, that automatically update your /etc/resolv.conf DNS resolver configuration file
- name: Stop and disable systemd-resolved if present
  ansible.builtin.systemd:
    name: systemd-resolved
    enabled: false
    state: stopped
  when: ansible_facts.services['systemd-resolved.service'] is defined

- name: Remove /etc/resolv.conf if it's a symlink to systemd-resolved
  ansible.builtin.file:
    path: /etc/resolv.conf
    state: absent
  when: "'/run/systemd/resolve' in ansible_facts.lsb.description | default('')"

- name: Create static /etc/resolv.conf
  ansible.builtin.copy:
    dest: /etc/resolv.conf
    content: |
      nameserver {{ location_internal_dns }}
      nameserver {{ location_external_dns }}
    owner: root
    group: root
    mode: '0644'

- name: Disable resolvconf package (if installed)
  ansible.builtin.package:
    name: resolvconf
    state: absent

- name: Disable DNS updates from NetworkManager (if present)
  ansible.builtin.blockinfile:
    path: /etc/NetworkManager/NetworkManager.conf
    block: |
      [main]
      dns=none
  notify: Restart NetworkManager
  when: ansible_facts.services['NetworkManager.service'] is defined

- name: Prevent dhclient from modifying resolv.conf (if present)
  ansible.builtin.lineinfile:
    path: /etc/dhcp/dhclient.conf
    regexp: '^#?supersede domain-name-servers'
    line: 'supersede domain-name-servers {{ location_internal_dns }}, {{ location_external_dns }};'
    create: yes

# Verify that the /etc/hosts file on the DC correctly resolves the fully-qualified domain name (FQDN) and short host name to the LAN IP address of the DC
- name: Set /etc/hosts entry for Samba AD DC
  ansible.builtin.lineinfile:
    path: /etc/hosts
    line: "{{ addc_ansible_host }} {{ addc_hostname | upper }}.{{ addc_tld | lower }} {{ addc_hostname | upper }}"
    state: present
    create: yes

- name: Ensure '127.0.0.1 localhost' is present and nothing else on that line
  ansible.builtin.lineinfile:
    path: /etc/hosts
    regexp: '^127\.0\.0\.1\s+'
    line: '127.0.0.1 localhost'
    state: present

# Remove any existing smb.conf file
- name: Get compiled default smb.conf path from smbd
  ansible.builtin.shell: smbd -b | grep CONFIGFILE | awk '{print $2}'
  register: smb_conf_path
  changed_when: false
  failed_when: smb_conf_path.rc != 0

- name: Remove smb.conf using discovered path
  ansible.builtin.file:
    path: "{{ smb_conf_path.stdout }}"
    state: absent

# Remove all Samba database files, such as *.tdb and *.ldb files
- name: Get Samba directories from smbd -b
  ansible.builtin.shell: smbd -b | egrep "LOCKDIR|STATEDIR|CACHEDIR|PRIVATE_DIR" | awk '{print $2}'
  register: samba_dirs
  changed_when: false
  failed_when: samba_dirs.rc != 0

- name: Filter existing directories
  ansible.builtin.find:
    paths: "{{ item }}"
    file_type: directory
    recurse: no
  loop: "{{ samba_dirs.stdout_lines }}"
  register: existing_dirs

- name: Collect existing directories
  ansible.builtin.set_fact:
    valid_dirs: "{{ existing_dirs.results | selectattr('matched', '>', 0) | map(attribute='files') | sum(start=[]) | map(attribute='path') | list }}"

- name: Find *.tdb and *.ldb files
  ansible.builtin.find:
    paths: "{{ item }}"
    patterns: "*.tdb,*.ldb"
    recurse: yes
    use_regex: false
  loop: "{{ valid_dirs }}"
  register: db_files

- name: Remove found tdb/ldb files
  ansible.builtin.file:
    path: "{{ item.path }}"
    state: absent
  loop: "{{ db_files.results | map(attribute='files') | sum(start=[]) }}"
  when: item.path is defined

- name: Report removed files
  ansible.builtin.debug:
    msg: "Removed: {{ item.path }}"
  loop: "{{ db_files.results | map(attribute='files') | sum(start=[]) }}"
patch undefined: Updated the DNS configuration in the `resolv.conf.j2` template to include both the local host and the Ansible-managed DNS server. Added a new line to the `resolv.conf.j2` template to specify the Ansible-managed DNS server (`{{ addc_ansible_host }}`). This ensures that the system uses both the local host and the managed DNS server for DNS resolution. 2025-10-19 22:25:19 +02:00			`---`
			`# Disable tools, such as resolvconf, that automatically update your /etc/resolv.conf DNS resolver configuration file`
			`- name: Stop and disable systemd-resolved if present`
			`ansible.builtin.systemd:`
			`name: systemd-resolved`
			`enabled: false`
			`state: stopped`
			`when: ansible_facts.services['systemd-resolved.service'] is defined`

			`- name: Remove /etc/resolv.conf if it's a symlink to systemd-resolved`
			`ansible.builtin.file:`
			`path: /etc/resolv.conf`
			`state: absent`
			`when: "'/run/systemd/resolve' in ansible_facts.lsb.description \| default('')"`

			`- name: Create static /etc/resolv.conf`
			`ansible.builtin.copy:`
			`dest: /etc/resolv.conf`
			`content: \|`
			`nameserver {{ location_internal_dns }}`
			`nameserver {{ location_external_dns }}`
			`owner: root`
			`group: root`
			`mode: '0644'`

			`- name: Disable resolvconf package (if installed)`
			`ansible.builtin.package:`
			`name: resolvconf`
			`state: absent`

			`- name: Disable DNS updates from NetworkManager (if present)`
			`ansible.builtin.blockinfile:`
			`path: /etc/NetworkManager/NetworkManager.conf`
			`block: \|`
			`[main]`
			`dns=none`
			`notify: Restart NetworkManager`
			`when: ansible_facts.services['NetworkManager.service'] is defined`

			`- name: Prevent dhclient from modifying resolv.conf (if present)`
			`ansible.builtin.lineinfile:`
			`path: /etc/dhcp/dhclient.conf`
			`regexp: '^#?supersede domain-name-servers'`
			`line: 'supersede domain-name-servers {{ location_internal_dns }}, {{ location_external_dns }};'`
			`create: yes`

			`# Verify that the /etc/hosts file on the DC correctly resolves the fully-qualified domain name (FQDN) and short host name to the LAN IP address of the DC`
			`- name: Set /etc/hosts entry for Samba AD DC`
			`ansible.builtin.lineinfile:`
			`path: /etc/hosts`
feat ✨: Add new feature to configure Samba AD DC DNS settings This commit adds a new feature to the playbook that configures DNS settings for a Samba AD DC. It includes changes to the `defaults/main.yml` file, `tasks/install.yml`, `tasks/preparing.yml`, `tasks/verify.yml`, and `templates/resolv.conf.j2` files. 2025-10-21 21:10:30 +02:00			`line: "{{ addc_ansible_host }} {{ addc_hostname \| upper }}.{{ addc_tld \| lower }} {{ addc_hostname \| upper }}"`
patch undefined: Updated the DNS configuration in the `resolv.conf.j2` template to include both the local host and the Ansible-managed DNS server. Added a new line to the `resolv.conf.j2` template to specify the Ansible-managed DNS server (`{{ addc_ansible_host }}`). This ensures that the system uses both the local host and the managed DNS server for DNS resolution. 2025-10-19 22:25:19 +02:00			`state: present`
			`create: yes`

			`- name: Ensure '127.0.0.1 localhost' is present and nothing else on that line`
			`ansible.builtin.lineinfile:`
			`path: /etc/hosts`
			`regexp: '^127\.0\.0\.1\s+'`
			`line: '127.0.0.1 localhost'`
			`state: present`

			`# Remove any existing smb.conf file`
			`- name: Get compiled default smb.conf path from smbd`
			`ansible.builtin.shell: smbd -b \| grep CONFIGFILE \| awk '{print $2}'`
			`register: smb_conf_path`
			`changed_when: false`
			`failed_when: smb_conf_path.rc != 0`

			`- name: Remove smb.conf using discovered path`
			`ansible.builtin.file:`
			`path: "{{ smb_conf_path.stdout }}"`
			`state: absent`

			`# Remove all Samba database files, such as .tdb and .ldb files`
			`- name: Get Samba directories from smbd -b`
			`ansible.builtin.shell: smbd -b \| egrep "LOCKDIR\|STATEDIR\|CACHEDIR\|PRIVATE_DIR" \| awk '{print $2}'`
			`register: samba_dirs`
			`changed_when: false`
			`failed_when: samba_dirs.rc != 0`

			`- name: Filter existing directories`
			`ansible.builtin.find:`
			`paths: "{{ item }}"`
			`file_type: directory`
			`recurse: no`
			`loop: "{{ samba_dirs.stdout_lines }}"`
			`register: existing_dirs`

			`- name: Collect existing directories`
			`ansible.builtin.set_fact:`
			`valid_dirs: "{{ existing_dirs.results \| selectattr('matched', '>', 0) \| map(attribute='files') \| sum(start=[]) \| map(attribute='path') \| list }}"`

			`- name: Find .tdb and .ldb files`
			`ansible.builtin.find:`
			`paths: "{{ item }}"`
			`patterns: ".tdb,.ldb"`
			`recurse: yes`
			`use_regex: false`
			`loop: "{{ valid_dirs }}"`
			`register: db_files`

			`- name: Remove found tdb/ldb files`
			`ansible.builtin.file:`
			`path: "{{ item.path }}"`
			`state: absent`
			`loop: "{{ db_files.results \| map(attribute='files') \| sum(start=[]) }}"`
			`when: item.path is defined`

			`- name: Report removed files`
			`ansible.builtin.debug:`
			`msg: "Removed: {{ item.path }}"`
			`loop: "{{ db_files.results \| map(attribute='files') \| sum(start=[]) }}"`