Update nsd systemd unit deps

Our nsd setup relies on the distro provided nsd unit file which doesn't force nsd to wait for networking to be online before starting the service. This is fine if listening on ::1 or :: (or ipv4 equivalents) because those special addrs don't need network to be fully onling. However, we don't listen on those addrs because we have unbound performing local dns for us. Instead we listen on our public interfaces which does require networking to be online first. Thankfully freedesktop.org has a great faq page about this [0] and that basically describes the addition of wanting and aftering network-online.target. We do that through the unit config mechanism described here [1]. [0] https://www.freedesktop.org/wiki/Software/systemd/NetworkTarget/ [1] https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/system_administrators_guide/sect-Managing_Services_with_systemd-Unit_Files#brid-Managing_Services_with_systemd-Extending_Unit_Config Change-Id: Ieffe2e239048394e27bd0baf63387f819b17db9c
2018-12-04 14:50:56 -08:00 · 2018-12-04 14:50:56 -08:00 · 485539f618
commit 485539f618
parent 56ee3a67ba
1 changed files with 19 additions and 0 deletions
--- a/playbooks/roles/nameserver/tasks/main.yaml
+++ b/playbooks/roles/nameserver/tasks/main.yaml
@ -17,6 +17,25 @@
  package:
    name:
      - nsd
+- name: Create nsd unit file override dir
+  file:
+    path: /etc/systemd/system/nsd.service.d
+    state: directory
+    owner: root
+    group: root
+    mode: 0755
+- name: Create nsd unit file override config
+  # This is necessary to force nsd to start after networking is up.
+  # Upstream package is broken when not listening on :: or ::1
+  copy:
+    owner: root
+    group: root
+    mode: 0644
+    dest: /etc/systemd/system/nsd.service.d/deps.conf
+    content: |
+      [Unit]
+      After=network-online.target
+      Wants=network-online.target
 - name: Enable NSD
  service:
    name: nsd