diff --git a/defaults/main.yaml b/defaults/main.yaml
index 48e866f..01020f9 100644
--- a/defaults/main.yaml
+++ b/defaults/main.yaml
@@ -17,6 +17,11 @@ apt_repository_security: "https://archive.ubuntu.com/ubuntu"
 debian_repo_url_security: "http://security.debian.org/debian-security"
 debian_repo_url_update: "http://deb.debian.org/debian"
 
+# dns
+dns_search: "example.internal"
+dns_servers:
+  - "192.168.10.1"
+
 # firewall
 firewall_enable: true
 firewall_basic_rules:
diff --git a/tasks/dns.yaml b/tasks/dns.yaml
new file mode 100644
index 0000000..3fffeaf
--- /dev/null
+++ b/tasks/dns.yaml
@@ -0,0 +1,11 @@
+---
+
+# manage resolve.conf
+- name: "configure resolv.conf"
+  ansible.builtin.template:
+    src: "dns/resolv.conf.j2"
+    dest: "/etc/resolv.conf"
+    owner: root
+    group: root
+    mode: "0644"
+  when: ansible_facts['distribution'] in ['Alpine', 'Debian']
diff --git a/tasks/main.yaml b/tasks/main.yaml
index ee7e37b..3056cc8 100644
--- a/tasks/main.yaml
+++ b/tasks/main.yaml
@@ -11,6 +11,11 @@
   ansible.builtin.include_vars: "vars/{{ ansible_os_family }}.yaml"
   tags: "always"
 
+# set dns
+- name: "set dns"
+  ansible.builtin.import_tasks: "dns.yaml"
+  tags: "dns"
+
 # set hostname
 - name: "set hostname"
   ansible.builtin.import_tasks: "hostname.yaml"
@@ -46,7 +51,6 @@
     - "ansible_virtualization_type == 'kvm'"
   tags: "swap"
 
-
 # manage fstab
 - name: "manage fstab"
   ansible.builtin.import_tasks: "fstab.yaml"
diff --git a/templates/dns/resolve.conf.j2 b/templates/dns/resolve.conf.j2
new file mode 100644
index 0000000..6bfb72e
--- /dev/null
+++ b/templates/dns/resolve.conf.j2
@@ -0,0 +1,6 @@
+{% for dns_server in dns_servers -%}
+nameserver {{ dns_server }}
+{% endfor %}
+{% if "example" not in dns_search -%}
+search {{ dns_search }}
+{% endif %}