ansible-role-bind/tasks/zones.yml

---
- name: set fact bind_zone_play if it empty
  set_fact:
    bind_zones_play: '{{ bind_zones_play|default([]) + [ item ] }}'
  loop: '{{ bind_zones|dict2items }}'
  loop_control:
    label: '{{ item.key }}'
  when: >
    (item.value.state is not defined or item.value.state != 'absent')
    and (bind_zones_subset is not defined or item.key in bind_zones_subset)

- name: create zone folder
  file:
    path: '/etc/bind/zones/{{ item.key }}'
    owner: bind
    group: bind
    mode: 0755
    state: directory
  loop_control:
    label: '{{ item.key }}'
  loop: '{{ bind_zones_play }}'

- name: copy zone files
  template:
    src: db.j2
    dest: '/etc/bind/zones/{{ item.key }}/db'
    owner: root
    group: root
    mode: 0644
  loop: '{{ bind_zones_play }}'
  loop_control:
    label: '{{ item.key }}'
  register: zone
  notify: reload bind

- name: dnssec sign
  shell: >
    dnssec-signzone -3 $(head -n 1000 /dev/urandom | sha1sum | cut -b 1-16) -A -N INCREMENT
    -o {{ item.item.key }} -t /etc/bind/zones/{{ item.item.key }}/db
  args:
    chdir: /etc/bind/keys
  loop: '{{ zone.results }}'
  loop_control:
    label: '{{ item.item.key }}'
  when: item.item.key in bind_dnssec and item.changed
  notify: reload bind

- name: get zones files
  find:
    path: /etc/bind/zones
    file_type: directory
    recurse: no
  register: zone_folders

- name: delete old zone file
  file:
    path: '{{ item.path }}'
    state: absent
  loop: '{{ zone_folders.files }}'
  loop_control:
    label: '{{ item.path|basename }}'
  when: >
    item.path|basename not in bind_zones or
    ('state' in bind_zones[item.path|basename] and bind_zones[item.path|basename].state == 'absent')
style: fix syntax for yamlint and ansible-lint 2019-02-18 21:36:09 +00:00			`---`
			`- name: set fact bind_zone_play if it empty`
			`set_fact:`
feat: add bind_zones_subnet for extra-vars 2018-05-26 07:51:21 +00:00			`bind_zones_play: '{{ bind_zones_play\|default([]) + [ item ] }}'`
break: change with_items to loop 2018-12-05 09:16:43 +00:00			`loop: '{{ bind_zones\|dict2items }}'`
feat: use label in loop_control 2020-03-06 22:31:43 +00:00			`loop_control:`
			`label: '{{ item.key }}'`
style: fix syntax for yamlint and ansible-lint 2019-02-18 21:36:09 +00:00			`when: >`
			`(item.value.state is not defined or item.value.state != 'absent')`
			`and (bind_zones_subset is not defined or item.key in bind_zones_subset)`
feat: add bind_zones_subnet for extra-vars 2018-05-26 07:51:21 +00:00
feat: remove old zones files 2018-03-31 15:50:50 +00:00			`- name: create zone folder`
			`file:`
			`path: '/etc/bind/zones/{{ item.key }}'`
			`owner: bind`
			`group: bind`
			`mode: 0755`
			`state: directory`
feat: use label in loop_control 2020-03-06 22:31:43 +00:00			`loop_control:`
			`label: '{{ item.key }}'`
break: change with_items to loop 2018-12-05 09:16:43 +00:00			`loop: '{{ bind_zones_play }}'`
feat: remove old zones files 2018-03-31 15:50:50 +00:00
feat: split main file 2018-03-28 15:45:57 +00:00			`- name: copy zone files`
			`template:`
			`src: db.j2`
feat: remove old zones files 2018-03-31 15:50:50 +00:00			`dest: '/etc/bind/zones/{{ item.key }}/db'`
feat: split main file 2018-03-28 15:45:57 +00:00			`owner: root`
			`group: root`
			`mode: 0644`
break: change with_items to loop 2018-12-05 09:16:43 +00:00			`loop: '{{ bind_zones_play }}'`
feat: use label in loop_control 2020-03-06 22:31:43 +00:00			`loop_control:`
			`label: '{{ item.key }}'`
feat: split main file 2018-03-28 15:45:57 +00:00			`register: zone`
			`notify: reload bind`

			`- name: dnssec sign`
style: fix syntax for yamlint and ansible-lint 2019-02-18 21:36:09 +00:00			`shell: >`
			`dnssec-signzone -3 $(head -n 1000 /dev/urandom \| sha1sum \| cut -b 1-16) -A -N INCREMENT`
			`-o {{ item.item.key }} -t /etc/bind/zones/{{ item.item.key }}/db`
feat: split main file 2018-03-28 15:45:57 +00:00			`args:`
			`chdir: /etc/bind/keys`
break: change with_items to loop 2018-12-05 09:16:43 +00:00			`loop: '{{ zone.results }}'`
feat: use label in loop_control 2020-03-06 22:31:43 +00:00			`loop_control:`
			`label: '{{ item.item.key }}'`
style: fix syntax for yamlint and ansible-lint 2019-02-18 21:36:09 +00:00			`when: item.item.key in bind_dnssec and item.changed`
feat: split main file 2018-03-28 15:45:57 +00:00			`notify: reload bind`
feat: remove old zones files 2018-03-31 15:50:50 +00:00
			`- name: get zones files`
			`find:`
			`path: /etc/bind/zones`
			`file_type: directory`
			`recurse: no`
			`register: zone_folders`

			`- name: delete old zone file`
			`file:`
			`path: '{{ item.path }}'`
			`state: absent`
break: change with_items to loop 2018-12-05 09:16:43 +00:00			`loop: '{{ zone_folders.files }}'`
feat: use label in loop_control 2020-03-06 22:31:43 +00:00			`loop_control:`
			`label: '{{ item.path\|basename }}'`
style: fix syntax for yamlint and ansible-lint 2019-02-18 21:36:09 +00:00			`when: >`
			`item.path\|basename not in bind_zones or`
			`('state' in bind_zones[item.path\|basename] and bind_zones[item.path\|basename].state == 'absent')`