From: Tom Hughes <tom@compton.nu>
Date: Thu, 21 Mar 2019 18:47:52 +0000 (+0000)
Subject: Add optional support for using systemd-resolved
X-Git-Url: https://git.openstreetmap.org/chef.git/commitdiff_plain/91d53fa752e0e0b29f0a74fa53cde0c989b197ac

Add optional support for using systemd-resolved
---

diff --git a/cookbooks/networking/attributes/default.rb b/cookbooks/networking/attributes/default.rb
index f7db87730..9f14bdf56 100644
--- a/cookbooks/networking/attributes/default.rb
+++ b/cookbooks/networking/attributes/default.rb
@@ -9,3 +9,4 @@ default[:networking][:firewall][:mangle] = true
 default[:networking][:interfaces] = {}
 default[:networking][:nameservers] = []
 default[:networking][:search] = []
+default[:networking][:resolved] = false
diff --git a/cookbooks/networking/recipes/default.rb b/cookbooks/networking/recipes/default.rb
index a308e535d..6459a7e9d 100644
--- a/cookbooks/networking/recipes/default.rb
+++ b/cookbooks/networking/recipes/default.rb
@@ -174,19 +174,52 @@ template "/etc/hosts" do
   mode 0o644
 end
 
-unless node[:networking][:nameservers].empty?
-  link "/etc/resolv.conf" do
-    action :delete
-    link_type :symbolic
-    to "/run/resolvconf/resolv.conf"
-    only_if { File.symlink?("/etc/resolv.conf") }
+if node[:networking][:resolved]
+  service "systemd-resolved" do
+    action [:enable, :start]
+  end
+
+  directory "/etc/systemd/resolved.conf.d" do
+    owner "root"
+    group "root"
+    mode 0o755
   end
 
-  template "/etc/resolv.conf" do
-    source "resolv.conf.erb"
+  template "/etc/systemd/resolved.conf.d/99-chef.conf" do
+    source "resolved.conf.erb"
     owner "root"
     group "root"
     mode 0o644
+    notifies :restart, "service[systemd-resolved]"
+  end
+
+  file "/etc/resolv.conf" do
+    action :delete
+    not_if { ::File.symlink?("/etc/resolv.conf") }
+  end
+
+  link "/etc/resolv.conf" do
+    to "../run/systemd/resolve/stub-resolv.conf"
+  end
+
+  package "resolvconf" do
+    action :purge
+  end
+else
+  unless node[:networking][:nameservers].empty?
+    link "/etc/resolv.conf" do
+      action :delete
+      link_type :symbolic
+      to "/run/resolvconf/resolv.conf"
+      only_if { File.symlink?("/etc/resolv.conf") }
+    end
+
+    template "/etc/resolv.conf" do
+      source "resolv.conf.erb"
+      owner "root"
+      group "root"
+      mode 0o644
+    end
   end
 end
 
diff --git a/cookbooks/networking/templates/default/resolved.conf.erb b/cookbooks/networking/templates/default/resolved.conf.erb
new file mode 100644
index 000000000..efc4b2a71
--- /dev/null
+++ b/cookbooks/networking/templates/default/resolved.conf.erb
@@ -0,0 +1,3 @@
+[Resolve]
+DNS=<%= node[:networking][:nameservers].join(" ") %>
+Domains=<%= node[:networking][:search].join(" ") %>