tasks/main.yml

---
# nsd tasks/main.yml
#
# SPDX-FileCopyrightText: © 2020 Open Networking Foundation <support@opennetworking.org>
# SPDX-License-Identifier: Apache-2.0

- name: include OS-specific vars
  include_vars: "{{ ansible_os_family }}.yml"

- name: include OS-specific tasks
  include_tasks: "{{ ansible_os_family }}.yml"

- name: Create nsd zones directory
  file:
    name: "{{ nsd_zones_dir }}"
    state: directory
    mode: 0755
    owner: root
    group: "{{ nsd_groupname }}"

- name: Create nsd.conf configuration file from template
  template:
    src: "nsd.conf.j2"
    dest: "{{ nsd_conf_dir }}/nsd.conf"
    owner: root
    group: "{{ nsd_groupname }}"
    mode: 0644
    backup: true
    validate: "nsd-checkconf %s"
  notify:
    - restart-nsd

- name: Create DNS forward zonefiles from template
  template:
    src: zone.forward.j2
    dest: "{{ nsd_zones_dir }}/{{ item.key }}.forward"
    mode: 0644
    owner: root
    group: "{{ nsd_groupname }}"
    validate: "nsd-checkzone {{ item.key }} %s"
  with_dict: "{{ dns_forward_zones }}"
  notify:
    - reload-nsd

- name: Create DNS reverse zonefiles from template
  template:
    src: zone.reverse.j2
    dest: "{{ nsd_zones_dir }}/{{ item.key | ipaddr('network') }}.reverse"
    mode: 0644
    owner: root
    group: "{{ nsd_groupname }}"
    validate: "nsd-checkzone {{ item.key | unbound_revdns }} %s"
  with_dict: "{{ dns_reverse_zones }}"
  notify:
    - reload-nsd

- name: Enable and start nsd
  service:
    name: "{{ nsd_service }}"
    enabled: true
    state: started
    arguments: "{{ nsd_arguments | default(omit) }}"

- name: Flush handlers as listen addresses can conflict with unbound
  meta: flush_handlers