---
- set_fact:
    zones: "{{ [dns_server.main_zone] + dns_server.zones }}"
    main_zone: "{{ dns_server.main_zone }}"
    server: "{{ dns_server.servers|json_query(\"[?name=='\" + inventory_hostname + \"']\")|json_query('[0]') }}"
    others: "{{ dns_server.servers|json_query(\"[?name!='\" + inventory_hostname + \"']\") }}"
    star: "{{ dns_server.servers|json_query('[?star==`true`]')|json_query('[0]') }}"
    satellites: "{{ dns_server.servers|json_query('[?satellite==`true`]') }}"
    is_local_resolver: "{{ dns_server.servers|json_query(\"[?name=='\" + inventory_hostname + \"'].local_resolver\")|first|default(false) }}"
    is_star: "{{ dns_server.servers|json_query(\"[?name=='\" + inventory_hostname + \"'].star\")|first|default(false) }}"
    is_satellite: "{{ dns_server.servers|json_query(\"[?name=='\" + inventory_hostname + \"'].satellite\")|first|default(false) }}"

- name: Ensure systemd-resolved is absent
  systemd:
    name: systemd-resolved
    state: stopped
    masked: yes

- name: Ensure resolv.conf is appropriately configured
  copy:
    dest: /etc/resolv.conf
    content: |
      nameserver 8.8.8.8
      nameserver 1.1.1.1
    owner: root
    group: root
    mode: 0644

- include_tasks: wireguard.yml

- include_tasks: nsd.yml
  when: not wireguard.changed

- include_tasks: nsd_star.yml
  when: is_star and not wireguard.changed

- include_tasks: nsd_satellite.yml
  when: is_satellite and not wireguard.changed

- include_tasks: unbound.yml
  when: is_local_resolver and not wireguard.changed