From 0ffe4d49969e84f12f04c1b0f8d7ae30998e5f80 Mon Sep 17 00:00:00 2001
From: missytake <missytake@systemli.org>
Date: Tue, 19 Dec 2023 17:31:34 +0100
Subject: [PATCH] Revert "pyinfra: only install unbound-anchor on Debian
 systems"

This reverts commit c1d3de926ee561fd92b2696b45909b21b1a84a9c.
---
 cmdeploy/src/cmdeploy/__init__.py | 17 +++++------------
 1 file changed, 5 insertions(+), 12 deletions(-)

diff --git a/cmdeploy/src/cmdeploy/__init__.py b/cmdeploy/src/cmdeploy/__init__.py
index 45472036..71db3ce1 100644
--- a/cmdeploy/src/cmdeploy/__init__.py
+++ b/cmdeploy/src/cmdeploy/__init__.py
@@ -12,7 +12,6 @@ from pyinfra import host
 from pyinfra.operations import apt, files, server, systemd, pip
 from pyinfra.facts.files import File
 from pyinfra.facts.systemd import SystemdEnabled
-from pyinfra.facts.server import LinuxDistribution
 from .acmetool import deploy_acmetool
 
 from chatmaild.config import read_config, Config
@@ -400,18 +399,12 @@ def deploy_chatmail(config_path: Path) -> None:
     # to use 127.0.0.1 as the resolver.
     apt.packages(
         name="Install unbound",
-        packages=["unbound"],
+        packages=["unbound", "unbound-anchor"],
+    )
+    server.shell(
+        name="Generate root keys for validating DNSSEC",
+        commands=["unbound-anchor -a /var/lib/unbound/root.key || true"],
     )
-    if host.get_fact(LinuxDistribution).get("name") == "Debian":
-        # on Debian, the root key doesn't seem to be auto-generated during apt install unbound.
-        apt.packages(
-            name="Install unbound-anchor for generating DNSSEC validation root key",
-            packages=["unbound-anchor"],
-        )
-        server.shell(
-            name="Generate root keys for validating DNSSEC",
-            commands=["unbound-anchor -a /var/lib/unbound/root.key || true"],
-        )
     systemd.service(
         name="Start and enable unbound",
         service="unbound.service",