Import from main repo

3 files changed, 61 insertions, 0 deletions

diff --git a/handlers/main.yml b/handlers/main.yml
new file mode 100644
index 0000000..4127a86
--- /dev/null
+++ b/handlers/main.yml
@@ -0,0 +1,4 @@
+- name: Restart NSD
+  runit:
+    name: nsd
+    state: restarted
diff --git a/tasks/main.yml b/tasks/main.yml
new file mode 100644
index 0000000..ae218fc
--- /dev/null
+++ b/tasks/main.yml
@@ -0,0 +1,27 @@
+---
+- name: Install NSD
+  xbps:
+    state: present
+    name: nsd
+- name: Install nsd.conf
+  template:
+    src: nsd.conf
+    dest: /etc/nsd/nsd.conf
+- name: Install zone files
+  template:
+    src: '{{inventory_hostname}}/zones/{{item}}'
+    dest: '/etc/nsd/{{item}}.zone'
+    validate: '/usr/bin/nsd-checkzone {{item}} %s'
+    owner: root
+    group: nsd
+    mode: 0640
+  loop: "{{nsd_zones}}"
+  notify:
+    - Restart NSD
+- name: Enable NSD
+  file:
+    src: /etc/sv/nsd
+    dest: /var/service/nsd
+    owner: root
+    group: root
+    state: link
diff --git a/templates/nsd.conf b/templates/nsd.conf
new file mode 100644
index 0000000..9c24027
--- /dev/null
+++ b/templates/nsd.conf
@@ -0,0 +1,30 @@
+# Managed by Ansible
+server:
+	server-count: 1 # use this number of cpu cores
+	database: "/var/db/nsd/nsd.db"
+	zonelistfile: "/var/db/nsd/zone.list"
+	username: nsd
+	logfile: "/var/log/nsd.log"
+	pidfile: "/var/run/nsd.pid"
+	xfrdfile: "/var/db/nsd/xfrd.state"
+
+{% if nsd_keys is defined %}
+{% for key in nsd_keys %}
+key:
+	name: {{key.name}}
+	algorithm: {{key.algorithm}}
+	secret: "{{key.secret}}"
+{% endfor %}
+{% endif %}
+
+
+{% for zone in nsd_zones %}
+zone:
+	name: {{zone}}
+	zonefile: /etc/nsd/%s.zone
+{% for slave in nsd_slaves %}
+	notify: {{slave.ip}} {{slave.key}}
+	provide-xfr: {{slave.ip}} {{slave.key}}
+{% endfor %}
+
+{% endfor %}