added unbound as nameserver software

roles/nameserver/tasks/configure_unbound_snmpd.yml

@@ -0,0 +1,15 @@
+- name: nameserver | snmpd | get script
+  get_url:
+    url: "https://github.com/librenms/librenms-agent/raw/master/snmp/unbound"
+    dest: "/etc/snmp/unbound"
+    mode: "0755"
+    owner: "root"
+    group: "root"
+
+- name: nameserver | snmpd | configure extend
+  lineinfile:
+    path: "/etc/snmp/snmpd.conf"
+    state: present
+    line: "extend unbound /etc/snmp/unbound"
+    insertafter: "# SECTION: Extends"
+  notify: restart_snmpd

roles/nameserver/tasks/install_unbound.yml

@@ -0,0 +1,12 @@
+- name: nameserver | unbound | install packages
+  package:
+    name: "{{ unbound_package }}"
+    state: present
+
+- name: nameserver | unbound | copy config
+  template:
+    src: "unbound_network.conf.j2"
+    dest: "etc/unbound/unbound.conf.d/network.conf"
+    mode: "0644"
+    owner: "root"
+    group: "root"

roles/nameserver/templates/unbound_network.conf.j2

@@ -0,0 +1,17 @@
+server:
+        ip-freebind: yes
+        interface: {{ wg_local_ip | ipaddr('address') }}
+        interface: 127.0.0.1
+        interface: 127.0.0.53
+        interface: ::1
+        outgoing-interface: {{ ansible_default_ipv4.address }}
+        outgoing-interface: {{ ansible_default_ipv6.address }}
+        access-control: 192.168.1.0/24 allow
+        access-control: 192.168.3.0/24 allow
+        access-control: 172.16.0.0/24 allow
+        extended-statistics: yes
+        statistics-cumulative: yes
+
+remote-control:
+        control-enable: yes
+        control-interface: 127.0.0.1

roles/nameserver/vars/Archlinux.yml

@@ -1,2 +1,3 @@
 bind_package: bind
+unbound_package: unbound
 perl_readbackwards: perl-file-readbackwards

roles/nameserver/vars/Debian.yml

@@ -1,2 +1,3 @@
 bind_package: bind9
+unbound_package: unbound
 perl_readbackwards: libfile-readbackwards-perl

roles/nameserver/vars/Ubuntu.yml

@@ -1,2 +1,3 @@
 bind_package: bind9
+unbound_package: unbound
 perl_readbackwards: libfile-readbackwards-perl