add names for public interfaces, add apt-cacher-ng role
diff --git a/cord-single-playbook.yml b/cord-single-playbook.yml
index 1abd9d3..0e28450 100644
--- a/cord-single-playbook.yml
+++ b/cord-single-playbook.yml
@@ -17,6 +17,7 @@
   roles:
     - common-prep
     - cloudlab-prep
+    - apt-cacher-ng
 
 - name: DNS Server Setup
   hosts: head
diff --git a/roles/apt-cacher-ng/defaults/main.yml b/roles/apt-cacher-ng/defaults/main.yml
new file mode 100644
index 0000000..f54e9cc
--- /dev/null
+++ b/roles/apt-cacher-ng/defaults/main.yml
@@ -0,0 +1,6 @@
+---
+# apt-cacher-ng/defaults/main.yml
+
+apt_cacher_ip: 127.0.0.1
+apt_cacher_port: 3142
+
diff --git a/roles/apt-cacher-ng/handlers/main.yml b/roles/apt-cacher-ng/handlers/main.yml
new file mode 100644
index 0000000..cdc9735
--- /dev/null
+++ b/roles/apt-cacher-ng/handlers/main.yml
@@ -0,0 +1,7 @@
+---
+# apt-cacher-ng/handlers/main.yml
+
+- name: restart apt-cacher-ng
+  service:
+    name=apt-cacher-ng
+    state=restarted
diff --git a/roles/apt-cacher-ng/tasks/main.yml b/roles/apt-cacher-ng/tasks/main.yml
new file mode 100644
index 0000000..a8b9d90
--- /dev/null
+++ b/roles/apt-cacher-ng/tasks/main.yml
@@ -0,0 +1,27 @@
+---
+# roles/apt-cacher-ng/tasks
+
+- name: Install apt-cacher-ng with apt
+  apt:
+    name={{ item }}
+    update_cache=yes
+    cache_valid_time=3600
+  with_items:
+    - apt-cacher-ng
+
+- name: Configure apt-cacher-ng to pass through ssl repos
+  when: apt_ssl_sites is defined
+  lineinfile:
+    'dest=/etc/apt-cacher-ng/acng.conf
+    insertafter="^# PassThroughPattern"
+    regexp="^PassThroughPattern"
+    line="PassThroughPattern: ({{ apt_ssl_sites | join(\"|\")}}):443$"'
+  notify:
+    restart apt-cacher-ng
+
+- name: Configure local system to use apt-cacher-ng
+  template:
+    src=02apt-cacher-ng.j2
+    dest=/etc/apt/apt.conf.d/02apt-cacher-ng
+    mode=0644 owner=root group=root
+
diff --git a/roles/apt-cacher-ng/templates/02apt-cacher-ng.j2 b/roles/apt-cacher-ng/templates/02apt-cacher-ng.j2
new file mode 100644
index 0000000..b07ba88
--- /dev/null
+++ b/roles/apt-cacher-ng/templates/02apt-cacher-ng.j2
@@ -0,0 +1 @@
+Acquire::http { Proxy "http://{{ apt_cacher_ip }}:{{ apt_cacher_port }}"; };
diff --git a/roles/dns-nsd/templates/zone.forward.j2 b/roles/dns-nsd/templates/zone.forward.j2
index f5f8d4e..895d8a3 100644
--- a/roles/dns-nsd/templates/zone.forward.j2
+++ b/roles/dns-nsd/templates/zone.forward.j2
@@ -11,16 +11,24 @@
          3600        ; Expire [1hr]
          60          ; Min TTL [1m]
          )
-         
+
 ; Name Servers
 {% for ns in item.ns %}
         IN      NS      {{ ns.name ~ '.' ~ item.name }}.
 {% endfor %}
 
-
-{% set nodes = vars[item.nodelist] %}
-
 ;A and CNAME records
+{% if name_on_public_interface is defined %}
+{{ name_on_public_interface }}    IN    A    {{ ansible_default_ipv4.address }}
+{% endif %}
+{% if item.aliases is defined %}
+{% for alias in item.aliases %}
+{{ alias.name }}    IN    CNAME    {{ alias.dest }}
+{% endfor %}
+{% endif %}
+
+; Set from list of nodes
+{% set nodes = vars[item.nodelist] %}
 {% for node in nodes %}
 {{ node.name }}    IN    A    {{ item.ipv4_first_octets ~ "." ~ node.ipv4_last_octet }}
 {% if node.aliases is defined %}
diff --git a/vars/cord.yml b/vars/cord.yml
index 8474e00..24710ef 100644
--- a/vars/cord.yml
+++ b/vars/cord.yml
@@ -23,6 +23,12 @@
     ns:
       - { name: ns1 }
     nodelist: head_vm_list
+    aliases:
+      - { name: "ns1" , dest: "head" }
+      - { name: "ns" , dest: "head" }
+      - { name: "apt-cache" , dest: "head" }
+
+name_on_public_interface: head
 
 # If true, unbound listens on the head node's `ansible_default_ipv4` interface
 unbound_listen_on_default: True