Fix DNS for replica rollout plus info

README.md

@@ -8,3 +8,12 @@ scripts -> Scripts for infrastructure go here
 tests   -> Repo specific tests
 utils   -> Utilities focused for infrastructure or testing this repo
 ```
+
+## Contributions
+
+See a place for improvement? See an error or bug? Have your own scripts or playbooks you want to add? Help us by opening an issue with a pull request for review!
+
+## Branches
+
+The main branch is currently the only branch. It is currently in discussion how the branches should be configured to not commit to main full time.
+

ansible/handlers/main.yml

@@ -8,3 +8,8 @@
   service:
     name: httpd
     state: restarted
+
+- name: reload_networkmanager
+  service:
+    name: NetworkManager
+    state: reloaded

ansible/inventory/ipainventory

@@ -34,6 +34,7 @@ ipareplica_setup_firewalld=yes
 ipareplica_setup_ca=yes
 ipareplica_setup_kra=yes
 ipareplica_setup_dns=yes
+ipa_dns_master=10.100.1.110
 
 [ipaclients]
 build-a-box.rockylinux.org ansible_host=10.100.1.112

ansible/role-rocky-ipa-replica.yml

@@ -19,6 +19,32 @@
           - "not no_ansible.stat.exists"
         msg: "/etc/no-ansible exists - skipping run on this node"
 
+    - name: Ensure 'dns=none' is set for Network Manager
+      ini_file:
+        path: /etc/NetworkManager/NetworkManager.conf
+        state: present
+        no_extra_spaces: yes
+        section: main
+        option: dns
+        value: none
+        owner: root
+        group: root
+        mode: 0644
+        backup: yes
+      notify:
+        - reload_networkmanager
+
+    - name: Ensure resolv.conf is pointing to main master
+      template:
+        src: templates/resolv.conf.j2
+        dest: /etc/resolv.conf
+        owner: root
+        group: root
+        mode: 0644
+        backup: yes
+      notify:
+        - reload_networkmanager
+
   roles:
   - role: ipareplica
     state: present

ansible/templates/resolv.conf

@@ -0,0 +1,4 @@
+# Generated by Ansible
+search {{ ipareplica_domain }}
+nameserver {{ ipa_dns_master }}
+