full-dns/tasks/nsd_star.yml

86 lines
2.1 KiB
YAML

---
- name: Ensure zones directory is present
file:
path: /etc/nsd/zones
state: directory
owner: root
group: nsd
mode: 0750
- name: Ensure zones src directory is present
file:
path: /etc/nsd/src_zones
state: directory
owner: root
group: root
mode: 0750
- name: Ensure zone files are compiled
template:
src: templates/nsd-star.conf.j2
dest: /etc/nsd/nsd.conf.d/10-zones.conf
owner: root
group: root
mode: 0640
- name: Ensure main zone stub is present
template:
src: templates/zone_stub.conf.j2
dest: "/etc/nsd/src_zones/{{ main_zone.name }}.conf"
owner: root
group: root
mode: 0640
vars:
name: "{{ main_zone.name }}"
mx_records: "{{ main_zone.records|json_query('[?type==`MX`]') }}"
records: "{{ main_zone.records|json_query('[?type!=`MX`]') }}"
register: main_zone_stub
- name: Ensure main_zone is present
template:
src: templates/main_zone.conf.j2
dest: "/etc/nsd/zones/{{ main_zone.name }}.conf"
owner: root
group: nsd
mode: 0640
when: main_zone_stub.changed
notify: restart dns
- name: Ensure zones stubs are present
template:
src: templates/zone_stub.conf.j2
dest: "/etc/nsd/src_zones/{{ item.name }}.conf"
owner: root
group: root
mode: 0640
vars:
name: "{{ item.name }}"
mx_records: "{{ item.records|json_query('[?type==`MX`]') }}"
records: "{{ item.records|json_query('[?type!=`MX`]') }}"
loop: "{{ zones }}"
register: zone_stubs
- name: Ensure zones are present
template:
src: templates/zone.conf.j2
dest: "/etc/nsd/zones/{{ item.item.name }}.conf"
owner: root
group: nsd
mode: 0640
vars:
zname: "{{ item.item.name }}"
zttl: "{{ item.item.ttl|default(3600) }}"
zsoa: "{{ item.item.soa }}"
zemail: "{{ item.item.email }}"
zmx_records: "{{ item.item.records|json_query('[?type==`MX`]') }}"
zrecords: "{{ item.item.records|json_query('[?type!=`MX`]') }}"
when: item.changed
loop: "{{ zone_stubs.results }}"
notify: restart dns
- name: Ensure nsd is started and enabled
systemd:
name: nsd.service
state: started
enabled: yes