From 485539f6181b78b254dddea125c663c841625e5e Mon Sep 17 00:00:00 2001
From: Clark Boylan <clark.boylan@gmail.com>
Date: Tue, 4 Dec 2018 14:50:56 -0800
Subject: [PATCH] Update nsd systemd unit deps

Our nsd setup relies on the distro provided nsd unit file which doesn't
force nsd to wait for networking to be online before starting the
service. This is fine if listening on ::1 or :: (or ipv4 equivalents)
because those special addrs don't need network to be fully onling.

However, we don't listen on those addrs because we have unbound
performing local dns for us. Instead we listen on our public interfaces
which does require networking to be online first.

Thankfully freedesktop.org has a great faq page about this [0] and that
basically describes the addition of wanting and aftering
network-online.target. We do that through the unit config mechanism
described here [1].

[0] https://www.freedesktop.org/wiki/Software/systemd/NetworkTarget/
[1] https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/system_administrators_guide/sect-Managing_Services_with_systemd-Unit_Files#brid-Managing_Services_with_systemd-Extending_Unit_Config

Change-Id: Ieffe2e239048394e27bd0baf63387f819b17db9c
---
 playbooks/roles/nameserver/tasks/main.yaml | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/playbooks/roles/nameserver/tasks/main.yaml b/playbooks/roles/nameserver/tasks/main.yaml
index 21a83de3f8..e2e187116c 100644
--- a/playbooks/roles/nameserver/tasks/main.yaml
+++ b/playbooks/roles/nameserver/tasks/main.yaml
@@ -17,6 +17,25 @@
   package:
     name:
       - nsd
+- name: Create nsd unit file override dir
+  file:
+    path: /etc/systemd/system/nsd.service.d
+    state: directory
+    owner: root
+    group: root
+    mode: 0755
+- name: Create nsd unit file override config
+  # This is necessary to force nsd to start after networking is up.
+  # Upstream package is broken when not listening on :: or ::1
+  copy:
+    owner: root
+    group: root
+    mode: 0644
+    dest: /etc/systemd/system/nsd.service.d/deps.conf
+    content: |
+      [Unit]
+      After=network-online.target
+      Wants=network-online.target
 - name: Enable NSD
   service:
     name: nsd