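---
# Tasks that lay out NSD zone configuration under /etc/nsd and make sure the
# service is running.
#
# Inputs read by these tasks: `main_zone` (name, records) and `zones` (a list
# of entries with name, records, soa, email and an optional ttl).
# The json_query filter is used throughout; it needs the jmespath Python
# library on the controller.
#
# File modes are quoted so they are always passed as octal strings and do not
# depend on how the YAML loader types a leading-zero integer.
#
# NOTE(review): zone names are interpolated into paths that are written as
# root. Keep them to plain DNS names (no '/' or '..'); if zone data can come
# from a less trusted source, validate the names before these tasks run.

- name: Ensure zones directory is present
  file:
    path: /etc/nsd/zones
    state: directory
    owner: root
    # Group nsd with 0750: the nsd group can read the directory, not write it.
    group: nsd
    mode: "0750"

- name: Ensure zones src directory is present
  file:
    path: /etc/nsd/src_zones
    state: directory
    owner: root
    group: root
    mode: "0750"

- name: Ensure zone files are compiled
  template:
    src: templates/nsd-star.conf.j2
    dest: /etc/nsd/nsd.conf.d/10-zones.conf
    owner: root
    group: root
    mode: "0640"
  # A changed server configuration needs the same handler as a changed zone.
  # Without it, an edit to this file alone (presumably the zone list, to be
  # confirmed against the template) would not take effect until some zone
  # file also changed.
  notify: restart dns

# The stub holds the zone's records. Its change status is registered and
# decides whether the real zone file below is rendered again.
# NOTE(review): `name` is also a task keyword; Ansible may warn about a
# reserved variable name. Renaming it means changing zone_stub.conf.j2 too.
- name: Ensure main zone stub is present
  template:
    src: templates/zone_stub.conf.j2
    dest: "/etc/nsd/src_zones/{{ main_zone.name }}.conf"
    owner: root
    group: root
    mode: "0640"
  vars:
    name: "{{ main_zone.name }}"
    mx_records: "{{ main_zone.records|json_query('[?type==`MX`]') }}"
    records: "{{ main_zone.records|json_query('[?type!=`MX`]') }}"
  register: main_zone_stub

# Rendered only when the stub changed, presumably so that a value computed at
# render time in the template (such as the serial) moves only on real record
# changes; confirm against main_zone.conf.j2.
# Consequence: a zone file that is deleted or edited on the host is NOT
# restored by this task until the stub changes. Detect such drift separately.
- name: Ensure main_zone is present
  template:
    src: templates/main_zone.conf.j2
    dest: "/etc/nsd/zones/{{ main_zone.name }}.conf"
    owner: root
    group: nsd
    mode: "0640"
  when: main_zone_stub.changed
  notify: restart dns

- name: Ensure zones stubs are present
  template:
    src: templates/zone_stub.conf.j2
    dest: "/etc/nsd/src_zones/{{ item.name }}.conf"
    owner: root
    group: root
    mode: "0640"
  vars:
    name: "{{ item.name }}"
    mx_records: "{{ item.records|json_query('[?type==`MX`]') }}"
    records: "{{ item.records|json_query('[?type!=`MX`]') }}"
  loop: "{{ zones }}"
  register: zone_stubs

# Loops over the registered stub results: `item` is one result and
# `item.item` is the original entry from `zones`. The same stub-changed gate
# applies here, with the same drift caveat as for the main zone.
- name: Ensure zones are present
  template:
    src: templates/zone.conf.j2
    dest: "/etc/nsd/zones/{{ item.item.name }}.conf"
    owner: root
    group: nsd
    mode: "0640"
  vars:
    zname: "{{ item.item.name }}"
    # ttl falls back to 3600 when the zone entry does not set one.
    zttl: "{{ item.item.ttl|default(3600) }}"
    zsoa: "{{ item.item.soa }}"
    zemail: "{{ item.item.email }}"
    zmx_records: "{{ item.item.records|json_query('[?type==`MX`]') }}"
    zrecords: "{{ item.item.records|json_query('[?type!=`MX`]') }}"
  when: item.changed
  loop: "{{ zone_stubs.results }}"
  notify: restart dns

- name: Ensure nsd is started and enabled
  systemd:
    name: nsd.service
    state: started
    enabled: true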