authorMitch Riedstra <mitch@riedstra.us>2020-09-14 19:14:50 -0400
committerMitch Riedstra <mitch@riedstra.us>2020-09-14 19:14:50 -0400
commit256ed8e7653b1963e1cc2b6d30aa636e9766d07b (patch)
treee7b0242f4dcafeb4a9be534a97a00beaed9877f1
parentd48f939b0ea5c2d4a32ed1d0fab11ade549c5a49 (diff)
downloadnsd-256ed8e7653b1963e1cc2b6d30aa636e9766d07b.tar.gz
nsd-256ed8e7653b1963e1cc2b6d30aa636e9766d07b.tar.xz
Also support OpenBSD
-rw-r--r--handlers/main.yml12
-rw-r--r--tasks/linux.yml36
-rw-r--r--tasks/main.yml41
-rw-r--r--tasks/openbsd.yml22
-rw-r--r--templates/openbsd_nsd.conf70
5 files changed, 145 insertions, 36 deletions
diff --git a/handlers/main.yml b/handlers/main.yml
index 4127a86..6838ab5 100644
--- a/handlers/main.yml
+++ b/handlers/main.yml
@@ -1,4 +1,14 @@
-- name: Restart NSD
+- name: Restart NSD [ Linux ]
runit:
name: nsd
state: restarted
+ listen:
+ - Restart NSD
+ when: ansible_facts['system'].lower() == "linux"
+- name: Restart NSD [ OpenBSD ]
+ service:
+ name: nsd
+ state: restarted
+ listen:
+ - Restart NSD
+ when: ansible_facts['system'].lower() == "openbsd"
diff --git a/tasks/linux.yml b/tasks/linux.yml
new file mode 100644
index 0000000..346c088
--- /dev/null
+++ b/tasks/linux.yml
@@ -0,0 +1,36 @@
+---
+- name: 'Install NSD [Void]'
+ xbps:
+ state: present
+ name: nsd
+ when: ansible_facts['distribution'].lower() == "void"
+- name: 'Install NSD [Alpine]'
+ apk:
+ state: present
+ name: nsd
+ when: ansible_facts['distribution'].lower() == "alpine"
+- name: Install nsd.conf
+ template:
+ src: nsd.conf
+ dest: /etc/nsd/nsd.conf
+- name: Install zone files
+ template:
+ src: 'zones/{{item}}'
+ dest: '/etc/nsd/{{item}}.zone'
+ validate: 'nsd-checkzone {{item}} %s'
+ owner: root
+ group: nsd
+ mode: 0640
+ loop: "{{nsd_zones}}"
+ notify:
+ - Restart NSD
+- name: Include Alpine Linux Speicifc Tasks
+ include_tasks: alpine.yml
+ when: ansible_facts['distribution'].lower() == "alpine"
+- name: Enable NSD
+ file:
+ src: /etc/sv/nsd
+ dest: /var/service/nsd
+ owner: root
+ group: root
+ state: link
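Review bot: The `Install nsd.conf` task in this new file has no `notify`, so a change to the rendered configuration never triggers the `Restart NSD` handlers on Linux. The equivalent task in tasks/openbsd.yml does notify, and adding `notify:` with `- Restart NSD` here would make the two platforms behave the same. As a smaller style point, `mode: 0640` on the zone-file task relies on the YAML parser reading a leading-zero integer as octal; `mode: '0640'` states the permission unambiguously.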
diff --git a/tasks/main.yml b/tasks/main.yml
index 346c088..ebb9733 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -1,36 +1,7 @@
---
-- name: 'Install NSD [Void]'
- xbps:
- state: present
- name: nsd
- when: ansible_facts['distribution'].lower() == "void"
-- name: 'Install NSD [Alpine]'
- apk:
- state: present
- name: nsd
- when: ansible_facts['distribution'].lower() == "alpine"
-- name: Install nsd.conf
- template:
- src: nsd.conf
- dest: /etc/nsd/nsd.conf
-- name: Install zone files
- template:
- src: 'zones/{{item}}'
- dest: '/etc/nsd/{{item}}.zone'
- validate: 'nsd-checkzone {{item}} %s'
- owner: root
- group: nsd
- mode: 0640
- loop: "{{nsd_zones}}"
- notify:
- - Restart NSD
-- name: Include Alpine Linux Speicifc Tasks
- include_tasks: alpine.yml
- when: ansible_facts['distribution'].lower() == "alpine"
-- name: Enable NSD
- file:
- src: /etc/sv/nsd
- dest: /var/service/nsd
- owner: root
- group: root
- state: link
+- name: Include Linux tasks
+ include_tasks: linux.yml
+ when: ansible_facts['system'].lower() == "linux"
+- name: Include OpenBSD Tasks
+ include_tasks: openbsd.yml
+ when: ansible_facts['system'].lower() == "openbsd"
diff --git a/tasks/openbsd.yml b/tasks/openbsd.yml
new file mode 100644
index 0000000..0d3e613
--- /dev/null
+++ b/tasks/openbsd.yml
@@ -0,0 +1,22 @@
+---
+- name: 'Install nsd.conf'
+ template:
+ src: openbsd_nsd.conf
+ dest: /var/nsd/etc/nsd.conf
+ notify:
+ - Restart NSD
+- name: Install zone files
+ template:
+ src: 'zones/{{item}}'
+ dest: '/var/nsd/zones/master/{{item}}.zone'
+ validate: 'nsd-checkzone {{item}} %s'
+ owner: root
+ group: wheel
+ mode: 0644
+ loop: "{{nsd_zones}}"
+ notify:
+ - Restart NSD
+- name: Enable nsd
+ service:
+ name: nsd
+ enabled: yes
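Review bot: The `Install nsd.conf` task writes /var/nsd/etc/nsd.conf without `owner`, `group` or `mode`, yet templates/openbsd_nsd.conf in this same commit renders every `nsd_keys` TSIG secret into that file. Its readability is therefore left to whatever the existing file has or the remote umask produces. Pin it explicitly with `owner: root`, `group: _nsd` and `mode: '0640'` (`_nsd` being the group NSD normally runs under on OpenBSD; confirm on the target). Since the task templates secrets, `no_log: true` or `diff: false` on it would also keep them out of `--diff` output and logs. The `Install nsd.conf` task in tasks/linux.yml sets no permissions either, though its template is not part of this diff.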
diff --git a/templates/openbsd_nsd.conf b/templates/openbsd_nsd.conf
new file mode 100644
index 0000000..70e3541
--- /dev/null
+++ b/templates/openbsd_nsd.conf
@@ -0,0 +1,70 @@
+# Manged by Ansible
+
+server:
+ hide-version: yes
+ verbosity: 1
+ database: "" # disable database
+
+## bind to a specific address/port
+# ip-address: 192.0.2.53
+# ip-address: 192.0.2.53@5678
+# ip-address: 2001:db8::53
+
+## make packets as small as possible, on by default
+# minimal-responses: yes
+
+## respond with truncation for ANY queries over UDP and allow ANY over TCP,
+## on by default
+# refuse-any: yes
+
+remote-control:
+ control-enable: yes
+ control-interface: /var/run/nsd.sock
+
+## tsig key example
+#key:
+# name: "tsig1.example.com."
+# algorithm: hmac-sha256
+# secret: "bWVrbWl0YXNkaWdvYXQ="
+
+## master zone example
+#zone:
+# name: "example.com"
+# zonefile: "master/example.com"
+# notify: 192.0.2.1 NOKEY
+# provide-xfr: 192.0.2.1 NOKEY
+
+## slave zone example
+#zone:
+# name: "example.net"
+# zonefile: "slave/example.net"
+# allow-notify: 192.0.2.2 tsig1.example.com.
+# request-xfr: 192.0.2.2 tsig1.example.com.
+
+## dynamically configured zones, used with "nsd-control addzone/delzone".
+## filenames are constructed using the pattern: %s - zone name.
+## %1 - first character of zone name, %2 second, ## %3 third.
+## %z - topleveldomain label of zone, %y, %x next labels in name.
+#pattern:
+# name: "master"
+# zonefile: "master/%s.zone"
+# notify: 192.0.2.1 NOKEY
+# provide-xfr: 192.0.2.1 NOKEY
+
+
+{% if nsd_keys is defined %}
+{% for key in nsd_keys %}
+key:
+ name: {{key.name}}
+ algorithm: {{key.algorithm}}
+ secret: "{{key.secret}}"
+{% endfor %}
+{% endif %}
+
+
+{% for zone in nsd_zones %}
+zone:
+ name: {{zone}}
+ zonefile: master/%s.zone
+
+{% endfor %}
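Review bot: The header comment on the first line of the template is misspelled ("Manged"); `# {{ ansible_managed }}` would give the standard marker and avoid the typo. In the `key:` loop only `secret` is quoted, so `name: "{{ key.name }}"` and the zone loop's `name: "{{ zone }}"` would match the quoting used in the commented stock examples above them. The rendered keys are not referenced by any `zone:` block in this template, so if they are meant to authorise transfers or notifies, a comment saying where they get attached would help the next reader.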