refactor ♻️: Refactored the code to use a more structured approach for DNS configuration and added optional tests.

Updated the role to include optional tests after running it, ensuring that DNS resolution is correctly configured. The code has been refactored to improve readability and maintainability.
2025-10-08 21:55:06 +02:00
parent 180a1f8639
commit fd4da57a3c
6 changed files with 106 additions and 1 deletions
--- a/README.md
+++ b/README.md
@@ -1,3 +1,12 @@
 # ansible_samba_domain_member

-Install and configure Samba + Kerberos to join AD
+Install and configure Samba + Kerberos to join AD
+
+
+🧪 Optional Tests
+
+After running the role:
+
+# DNS should resolve domain controllers:
+dig _ldap._tcp.{{ dns_search }} SRV
+host dc1.{{ dns_search }}
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -3,3 +3,8 @@ ad_realm: EXAMPLE.COM
 ad_dc: dc1.example.com
 ad_admin_user: administrator
 ad_admin_password: YourPassword
+dns_servers:
+  - 192.168.1.10
+  - 192.168.1.11
+dns_search: example.com
+nm_connection_name: "Wired connection 1"  # Change this based on your setup
--- a/handlers/main.yml
+++ b/handlers/main.yml
@@ -0,0 +1,11 @@
+# handlers/main.yml
+- name: Restart networking if required
+  service:
+    name: networking
+    state: restarted
+  when: ansible_service_mgr == "systemd"
+
+- name: Restart systemd-resolved
+  service:
+    name: systemd-resolved
+    state: restarted
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -1,4 +1,67 @@
 ---
+- name: Gather service facts
+  service_facts:
+  
+- name: Determine DNS manager
+  set_fact:
+    dns_manager: >-
+      {% if 'systemd-resolved.service' in ansible_facts.services and ansible_facts.services['systemd-resolved.service'].state == 'running' %}
+        systemd-resolved
+      {% elif 'NetworkManager.service' in ansible_facts.services and ansible_facts.services['NetworkManager.service'].state == 'running' %}
+        NetworkManager
+      {% else %}
+        manual
+      {% endif %}
+
+- name: Configure DNS for systemd-resolved
+  when: dns_manager == 'systemd-resolved'
+  template:
+    src: resolved.conf.j2
+    dest: /etc/systemd/resolved.conf
+    owner: root
+    group: root
+    mode: '0644'
+  notify: Restart systemd-resolved
+
+- name: Ensure /etc/resolv.conf points to systemd stub
+  when: dns_manager == 'systemd-resolved'
+  file:
+    src: /run/systemd/resolve/stub-resolv.conf
+    dest: /etc/resolv.conf
+    state: link
+    force: true
+
+- name: Configure DNS via NetworkManager (nmcli)
+  when: dns_manager == 'NetworkManager'
+  block:
+    - name: Set DNS servers with nmcli
+      shell: >
+        nmcli con mod "{{ nm_connection_name }}"
+        ipv4.dns "{{ dns_servers | join(' ') }}"
+        ipv4.ignore-auto-dns yes
+      args:
+        warn: false
+
+    - name: Set search domain with nmcli
+      shell: >
+        nmcli con mod "{{ nm_connection_name }}"
+        ipv4.dns-search "{{ dns_search }}"
+      args:
+        warn: false
+
+    - name: Bring connection down and up to apply changes
+      shell: >
+        nmcli con down "{{ nm_connection_name }}" && nmcli con up "{{ nm_connection_name }}"
+      ignore_errors: true
+
+  when: dns_manager == 'manual'
+  template:
+    src: resolv.conf.j2
+    dest: /etc/resolv.conf
+    owner: root
+    group: root
+    mode: '0644'
+
 - name: Install required packages
  apt:
    name:
@@ -10,6 +73,15 @@
    state: present
  become: yes

+- name: Configure /etc/resolv.conf for AD DNS resolution
+  template:
+    src: resolv.conf.j2
+    dest: /etc/resolv.conf
+    owner: root
+    group: root
+    mode: '0644'
+  notify: Restart networking if required
+
 - name: Configure Kerberos
  template:
    src: krb5.conf.j2
--- a/templates/resolv.conf.j2
+++ b/templates/resolv.conf.j2
@@ -0,0 +1,4 @@
+search {{ dns_search }}
+{% for server in dns_servers %}
+nameserver {{ server }}
+{% endfor %}
--- a/templates/resolved.conf.j2
+++ b/templates/resolved.conf.j2
@@ -0,0 +1,4 @@
+[Resolve]
+DNS={{ dns_servers | join(' ') }}
+Domains={{ dns_search }}
+FallbackDNS=