Update DNS settings.

cookbooks/consul/dnsmasq.rb

@@ -8,16 +8,33 @@ end
 
 case run_command('grep VERSION_ID /etc/os-release | awk -F\" \'{print $2}\'').stdout.chomp
 when "24.04"
-  remote_file '/etc/systemd/resolved.conf' do
+  execute "change link to /etc/resolv.conf" do
+    command "ln -fs /run/systemd/resolve/resolv.conf /etc/resolv.conf"
+  end
+
+  directory "/etc/systemd/resolved.conf.d/" do
+    mode  "0755"
+    owner "root"
+    group "root"
+  end
+
+  template '/etc/systemd/resolved.conf.d/partial.conf' do
     owner 'root'
     group 'root'
     mode '644'
 
-    source 'files/etc/systemd/resolved.conf.2404'
+    source 'templates/etc/systemd/resolved.conf.d/partial.conf.erb'
+    variables(dns: node['consul']['dns'])
 
     notifies :restart, 'service[systemd-resolved]', :immediately
   end
 
+  remote_file "/etc/default/dnsmasq" do
+    mode   "0644"
+    owner  "root"
+    group  "root"
+  end
+
   remote_file '/etc/dnsmasq.conf' do
     owner 'root'
     group 'root'

cookbooks/consul/files/etc/default/dnsmasq

@@ -0,0 +1,42 @@
+# This file has six functions:
+# 1) to completely disable starting this dnsmasq instance
+# 2) to set DOMAIN_SUFFIX by running `dnsdomainname`
+# 3) to select an alternative config file
+#    by setting DNSMASQ_OPTS to --conf-file=<file>
+# 4) to tell dnsmasq to read the files in /etc/dnsmasq.d for
+#    more configuration variables.
+# 5) to stop the resolvconf package from controlling dnsmasq's
+#    idea of which upstream nameservers to use.
+# 6) to avoid using this dnsmasq instance as the system's default resolver
+#    by setting DNSMASQ_EXCEPT="lo"
+# For upgraders from very old versions, all the shell variables set
+# here in previous versions are still honored by the init script
+# so if you just keep your old version of this file nothing will break.
+
+#DOMAIN_SUFFIX=`dnsdomainname`
+#DNSMASQ_OPTS="--conf-file=/etc/dnsmasq.alt"
+
+# The dnsmasq daemon is run by default conforming to the Debian Policy.
+# To disable the service,
+# for SYSV init, use "update-rc.d dnsmasq disable",
+# for systemd, use "systemctl disable dnsmasq".
+
+# By default search this drop directory for configuration options.
+# Libvirt leaves a file here to make the system dnsmasq play nice.
+# Comment out this line if you don't want this. The dpkg-* are file
+# endings which cause dnsmasq to skip that file. This avoids pulling
+# in backups made by dpkg.
+CONFIG_DIR=/etc/dnsmasq.d,.dpkg-dist,.dpkg-old,.dpkg-new
+
+# If the resolvconf package is installed, dnsmasq will use its output
+# rather than the contents of /etc/resolv.conf to find upstream
+# nameservers. Uncommenting this line inhibits this behaviour.
+# Note that including a "resolv-file=<filename>" line in
+# /etc/dnsmasq.conf is not enough to override resolvconf if it is
+# installed: the line below must be uncommented.
+IGNORE_RESOLVCONF=yes
+
+# If the resolvconf package is installed, dnsmasq will tell resolvconf
+# to use dnsmasq under 127.0.0.1 as the system's default resolver.
+# Uncommenting this line inhibits this behaviour.
+#DNSMASQ_EXCEPT="lo"

cookbooks/consul/templates/etc/systemd/resolved.conf.d/partial.conf.erb

@@ -0,0 +1,3 @@
+[Resolve]
+DNS=127.0.0.1
+DNSStubListener=no