From 0269cafff7554254b89e797f02726279b87cb8ab Mon Sep 17 00:00:00 2001
From: Jack Ivanov <e601809@gmail.com>
Date: Mon, 12 Dec 2016 18:52:34 +0300
Subject: [PATCH] DNS fix

---
 config.cfg                        | 10 ++++++----
 roles/vpn/templates/ipsec.conf.j2 |  2 +-
 2 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/config.cfg b/config.cfg
index 34a1908..296de4d 100644
--- a/config.cfg
+++ b/config.cfg
@@ -29,10 +29,12 @@ server_name: "{{ ansible_ssh_host }}"
 IP_subject_alt_name: "{{ ansible_ssh_host }}"
 
 dns_servers:
-  - 8.8.8.8
-  - 8.8.4.4
-  - 2001:4860:4860::8888
-  - 2001:4860:4860::8844
+  ipv4:
+    - 8.8.8.8
+    - 8.8.4.4
+  ipv6:
+    - 2001:4860:4860::8888
+    - 2001:4860:4860::8844
 
 strongswan_enabled_plugins:
   - aes
diff --git a/roles/vpn/templates/ipsec.conf.j2 b/roles/vpn/templates/ipsec.conf.j2
index 58089c1..6b60e36 100644
--- a/roles/vpn/templates/ipsec.conf.j2
+++ b/roles/vpn/templates/ipsec.conf.j2
@@ -28,7 +28,7 @@ conn %default
 {% if local_dns is defined and local_dns == "Y" %}
     rightdns={{ local_service_ip }}
 {% else %}
-    rightdns={% for host in dns_servers %}{{ host }}{% if not loop.last %},{% endif %}{% endfor %}
+    rightdns={% for host in dns_servers.ipv4 %}{{ host }}{% if not loop.last %},{% endif %}{% endfor %}{% if ipv6_support is defined and ipv6_support == "yes" %},{% for host in dns_servers.ipv6 %}{{ host }}{% if not loop.last %},{% endif %}{% endfor %}{% endif %}
 {% endif %}
 
 conn ikev2-pubkey