From 11b9a08635fec7b375587ef2e228973e6d9a9892 Mon Sep 17 00:00:00 2001 From: Tom Alexander Date: Sat, 18 Mar 2023 13:40:43 -0400 Subject: [PATCH] Add expect for aurutils. --- ansible/roles/build/tasks/linux.yaml | 1 + ansible/roles/network/files/mullvlad_dns_over_tls.conf | 3 +++ 2 files changed, 4 insertions(+) diff --git a/ansible/roles/build/tasks/linux.yaml b/ansible/roles/build/tasks/linux.yaml index caa5271..c727089 100644 --- a/ansible/roles/build/tasks/linux.yaml +++ b/ansible/roles/build/tasks/linux.yaml @@ -13,6 +13,7 @@ - base-devel - vifm # For aurutils - vim # For aurutils + - expect # For aurutils state: present - name: Extract aurutils aur entry diff --git a/ansible/roles/network/files/mullvlad_dns_over_tls.conf b/ansible/roles/network/files/mullvlad_dns_over_tls.conf index 81b18b5..ca6a9b6 100644 --- a/ansible/roles/network/files/mullvlad_dns_over_tls.conf +++ b/ansible/roles/network/files/mullvlad_dns_over_tls.conf @@ -1,3 +1,6 @@ [Resolve] +Domains=~. # Use this instead of the per-link DNS servers DNS=194.242.2.2#doh.mullvad.net [2a07:e340::2]#doh.mullvad.net DNSOverTLS=yes +# DNSSEC=allow-downgrade # Validate DNSSEC only if upstream DNS server supports it +# DNSSEC=true # Always validate DNSSEC which breaks name resolution for servers that do not support it