From b52a706becfe0b27fccdab988016a39784c5c829 Mon Sep 17 00:00:00 2001
From: Sven-Hendrik Haase <svenstaro@gmail.com>
Date: Sun, 13 Dec 2020 04:22:15 +0100
Subject: [PATCH] Add systemd-resolved DNS for quick-resolving changed
 Arch-controlled domains

---
 roles/common/files/resolved-arch.conf | 10 ++++++++++
 roles/common/handlers/main.yml        |  6 ++++++
 roles/common/tasks/main.yml           |  8 ++++++++
 3 files changed, 24 insertions(+)
 create mode 100644 roles/common/files/resolved-arch.conf

diff --git a/roles/common/files/resolved-arch.conf b/roles/common/files/resolved-arch.conf
new file mode 100644
index 000000000..3aa93aca6
--- /dev/null
+++ b/roles/common/files/resolved-arch.conf
@@ -0,0 +1,10 @@
+# Query authoritative namesevers directly when resolving
+# Arch Linux domains so we instantly know about Arch-specific changes.
+[Resolve]
+DNS=213.239.242.238       # ns1.first-ns.de
+DNS=2a01:4f8:0:a101::a:1  # ns1.first-ns.de
+DNS=213.133.105.6         # robotns2.second-ns.de
+DNS=2a01:4f8:d0a:2004::2  # robotns2.second-ns.de
+DNS=193.47.99.3           # robotns3.second-ns.com
+DNS=2001:67c:192c::add:a3 # robotns3.second-ns.com
+Domains=~archlinux.org ~pkgbuild.com
diff --git a/roles/common/handlers/main.yml b/roles/common/handlers/main.yml
index 3e38b3d29..9fff6893a 100644
--- a/roles/common/handlers/main.yml
+++ b/roles/common/handlers/main.yml
@@ -6,6 +6,12 @@
     state: restarted
     daemon_reload: yes
 
+- name: restart resolved
+  systemd:
+    name: systemd-resolved
+    state: restarted
+    daemon_reload: yes
+
 - name: restart journald
   systemd:
     name: systemd-journald
diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml
index 45d78a06e..f6268da73 100644
--- a/roles/common/tasks/main.yml
+++ b/roles/common/tasks/main.yml
@@ -75,6 +75,14 @@
   service: name=systemd-networkd state=started enabled=yes
   when: configure_network
 
+- name: create additional resolved config directory
+  file: path=/etc/systemd/resolved.conf.d
+
+- name: configure additional resolved config for resolving Arch domains
+  copy: src=resolved-arch.conf dest=/etc/systemd/resolved.conf.d/resolved-arch.conf owner=root group=root mode=0644
+  notify:
+    - restart resolved
+
 - name: create additional network config directory
   file: path=/etc/systemd/network/10-dhcp-ethernet.network.d state=directory owner=root group=root mode=0755
   when: dhcp|default(False) and additional_addresses is defined
-- 
GitLab