1 files changed, 70 insertions, 0 deletions

diff --git a/templates/openbsd_nsd.conf b/templates/openbsd_nsd.conf
new file mode 100644
index 0000000..70e3541
--- /dev/null
+++ b/templates/openbsd_nsd.conf
@@ -0,0 +1,70 @@
+# Manged by Ansible
+
+server:
+        hide-version: yes
+        verbosity: 1
+        database: "" # disable database
+
+## bind to a specific address/port
+#       ip-address: 192.0.2.53
+#       ip-address: 192.0.2.53@5678
+#       ip-address: 2001:db8::53
+
+## make packets as small as possible, on by default
+#       minimal-responses: yes
+
+## respond with truncation for ANY queries over UDP and allow ANY over TCP,
+## on by default
+#       refuse-any: yes
+
+remote-control:
+        control-enable: yes
+        control-interface: /var/run/nsd.sock
+
+## tsig key example
+#key:
+#       name: "tsig1.example.com."
+#       algorithm: hmac-sha256
+#       secret: "bWVrbWl0YXNkaWdvYXQ="
+
+## master zone example
+#zone:
+#       name: "example.com"
+#       zonefile: "master/example.com"
+#       notify: 192.0.2.1 NOKEY
+#       provide-xfr: 192.0.2.1 NOKEY
+
+## slave zone example
+#zone:
+#       name: "example.net"
+#       zonefile: "slave/example.net"
+#       allow-notify: 192.0.2.2 tsig1.example.com.
+#       request-xfr: 192.0.2.2 tsig1.example.com.
+
+## dynamically configured zones, used with "nsd-control addzone/delzone".
+## filenames are constructed using the pattern: %s - zone name.
+## %1 - first character of zone name, %2 second, ## %3 third.
+## %z - topleveldomain label of zone, %y, %x next labels in name.
+#pattern:
+#       name: "master"
+#       zonefile: "master/%s.zone"
+#       notify: 192.0.2.1 NOKEY
+#       provide-xfr: 192.0.2.1 NOKEY
+
+
+{% if nsd_keys is defined %}
+{% for key in nsd_keys %}
+key:
+	name: {{key.name}}
+	algorithm: {{key.algorithm}}
+	secret: "{{key.secret}}"
+{% endfor %}
+{% endif %}
+
+
+{% for zone in nsd_zones %}
+zone:
+	name: {{zone}}
+	zonefile: master/%s.zone
+
+{% endfor %}