ansible-role-bind/tasks/zones.yml

- set_fact:
    bind_zones_play: '{{ bind_zones_play|default([]) + [ item ] }}'
  with_dict: '{{ bind_zones }}'
  when: (item.value.state is not defined or item.value.state != 'absent') and (bind_zones_subset is not defined or item.key in bind_zones_subset)

- name: create zone folder
  file:
    path: '/etc/bind/zones/{{ item.key }}'
    owner: bind
    group: bind
    mode: 0755
    state: directory
  with_items: '{{ bind_zones_play }}'

- name: copy zone files
  template:
    src: db.j2
    dest: '/etc/bind/zones/{{ item.key }}/db'
    owner: root
    group: root
    mode: 0644
  with_items: '{{ bind_zones_play }}'
  register: zone
  notify: reload bind

- name: dnssec sign
  shell: 'dnssec-signzone -3 $(head -n 1000 /dev/urandom | sha1sum | cut -b 1-16) -A -N INCREMENT -o {{ item.item.key }} -t /etc/bind/zones/{{ item.item.key }}/db'
  args:
    chdir: /etc/bind/keys
  with_items: '{{ zone.results }}'
  when: item.changed and item.item.value.dnssec is defined and item.item.value.dnssec
  notify: reload bind

- name: get zones files
  find:
    path: /etc/bind/zones
    file_type: directory
    recurse: no
  register: zone_folders

- name: delete old zone file
  file:
    path: '{{ item.path }}'
    state: absent
  with_items: '{{ zone_folders.files }}'
  when: item.path|basename not in bind_zones or ('state' in bind_zones[item.path|basename] and bind_zones[item.path|basename].state == 'absent')
feat: add bind_zones_subnet for extra-vars 2018-05-26 07:51:21 +00:00			`- set_fact:`
			`bind_zones_play: '{{ bind_zones_play\|default([]) + [ item ] }}'`
			`with_dict: '{{ bind_zones }}'`
			`when: (item.value.state is not defined or item.value.state != 'absent') and (bind_zones_subset is not defined or item.key in bind_zones_subset)`

feat: remove old zones files 2018-03-31 15:50:50 +00:00			`- name: create zone folder`
			`file:`
			`path: '/etc/bind/zones/{{ item.key }}'`
			`owner: bind`
			`group: bind`
			`mode: 0755`
			`state: directory`
feat: add bind_zones_subnet for extra-vars 2018-05-26 07:51:21 +00:00			`with_items: '{{ bind_zones_play }}'`
feat: remove old zones files 2018-03-31 15:50:50 +00:00
feat: split main file 2018-03-28 15:45:57 +00:00			`- name: copy zone files`
			`template:`
			`src: db.j2`
feat: remove old zones files 2018-03-31 15:50:50 +00:00			`dest: '/etc/bind/zones/{{ item.key }}/db'`
feat: split main file 2018-03-28 15:45:57 +00:00			`owner: root`
			`group: root`
			`mode: 0644`
feat: add bind_zones_subnet for extra-vars 2018-05-26 07:51:21 +00:00			`with_items: '{{ bind_zones_play }}'`
feat: split main file 2018-03-28 15:45:57 +00:00			`register: zone`
			`notify: reload bind`

			`- name: dnssec sign`
feat: remove old zones files 2018-03-31 15:50:50 +00:00			`shell: 'dnssec-signzone -3 $(head -n 1000 /dev/urandom \| sha1sum \| cut -b 1-16) -A -N INCREMENT -o {{ item.item.key }} -t /etc/bind/zones/{{ item.item.key }}/db'`
feat: split main file 2018-03-28 15:45:57 +00:00			`args:`
			`chdir: /etc/bind/keys`
			`with_items: '{{ zone.results }}'`
			`when: item.changed and item.item.value.dnssec is defined and item.item.value.dnssec`
			`notify: reload bind`
feat: remove old zones files 2018-03-31 15:50:50 +00:00
			`- name: get zones files`
			`find:`
			`path: /etc/bind/zones`
			`file_type: directory`
			`recurse: no`
			`register: zone_folders`

			`- name: delete old zone file`
			`file:`
			`path: '{{ item.path }}'`
			`state: absent`
			`with_items: '{{ zone_folders.files }}'`
			`when: item.path\|basename not in bind_zones or ('state' in bind_zones[item.path\|basename] and bind_zones[item.path\|basename].state == 'absent')`