From 62b6ae416416d28a37c7cfdc16d54cbffa72cd7b Mon Sep 17 00:00:00 2001
From: Tony Breeds <tony@bakeyournoodle.com>
Date: Wed, 31 Jul 2024 12:49:38 +1000
Subject: [PATCH] [base/unbound] Install dns-root-data package

Setting up a new Noble base server errors with:
  unbound[9702]: [9702:0] error: unable to open /var/lib/unbound/root.key for reading: No such file or directory
  unbound[9702]: [9702:0] error: error reading auto-trust-anchor-file: /var/lib/unbound/root.key

Rather that install and setup the root.key as described in[1] we install
the dns-root-data package which is recomended by the unbound package anyway

[1] https://nlnetlabs.nl/documentation/unbound/howto-anchor/

Change-Id: I6e6adffa8910931efa1f52d37848cce54f3b00c8
---
 playbooks/roles/base/unbound/tasks/main.yaml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/playbooks/roles/base/unbound/tasks/main.yaml b/playbooks/roles/base/unbound/tasks/main.yaml
index c3e4ad7ff6..9c76f95a13 100644
--- a/playbooks/roles/base/unbound/tasks/main.yaml
+++ b/playbooks/roles/base/unbound/tasks/main.yaml
@@ -10,6 +10,12 @@
     state: present
     name: unbound
 
+- name: Install dns-root-data on Noble
+  package:
+    state: present
+    name: dns-root-data
+  when: ansible_distribution == "Ubuntu" and ansible_distribution_major_version|int >= 24
+
 - name: Write dhclient config files
   include_tasks: dhclient.yaml
   loop: