dns: refactor nsd zones generation to support DKIM record

author: Aaron LI <aly@aaronly.me> 2018-03-04 18:42:40 +0800
committer: Aaron LI <aly@aaronly.me> 2018-03-14 11:35:08 +0800
commit: 5836875b025e1601dd182963fc372581cc724faa (patch)
tree: 3d8ba8f384e69de03a48042c5aa88f4066a5e4b2 /roles/dns/tasks/nsd-zone.yml
parent: c1c03239eef42fb55961d98d64bc82c0c84b0986 (diff)
download: ansible-dfly-vps-5836875b025e1601dd182963fc372581cc724faa.tar.bz2
1 files changed, 31 insertions, 0 deletions
diff --git a/roles/dns/tasks/nsd-zone.yml b/roles/dns/tasks/nsd-zone.yml
new file mode 100644
index 0000000..960b230
--- /dev/null
+++ b/roles/dns/tasks/nsd-zone.yml
@@ -0,0 +1,31 @@
+---
+- name: var - set domain
+  set_fact:
+    domain: "{{ zonefile | basename | regex_replace('\\.zone\\.j2', '') }}"
+
+- name: var - set domain_keyfile
+  set_fact:
+    domain_keyfile: /usr/local/etc/mail/dkim/{{ domain }}-{{ mail.dkim.selector }}.pem
+
+- name: dkim - check domain key existence
+  stat:
+    path: "{{ domain_keyfile }}"
+  register: stat_result
+
+- name: dkim - slurp domain key from the remote machine
+  slurp:
+    src: "{{ domain_keyfile }}"
+  # NOTE: get the contents with `{{ slurp_result['content'] | b64decode }}`
+  register: slurp_result
+  when: stat_result.stat.exists
+
+- name: var - set domain_key
+  set_fact:
+    domain_key: "{{ slurp_result['content'] | b64decode }}"
+  when: stat_result.stat.exists
+
+- name: NSD - generate zone files
+  template:
+    src: "{{ zonefile }}"
+    dest: "/usr/local/etc/nsd/zones/{{ domain }}.zone"
+    validate: "nsd-checkzone {{ domain }} %s"
author	Aaron LI <aly@aaronly.me>	2018-03-04 18:42:40 +0800
committer	Aaron LI <aly@aaronly.me>	2018-03-14 11:35:08 +0800
commit	5836875b025e1601dd182963fc372581cc724faa (patch)
tree	3d8ba8f384e69de03a48042c5aa88f4066a5e4b2 /roles/dns/tasks/nsd-zone.yml
parent	c1c03239eef42fb55961d98d64bc82c0c84b0986 (diff)
download	ansible-dfly-vps-5836875b025e1601dd182963fc372581cc724faa.tar.bz2