dns: generate nsd.conf with domains and nameservers variables

2 files changed, 10 insertions, 11 deletions

diff --git a/roles/dns/tasks/main.yml b/roles/dns/tasks/main.yml
index d6bfb2f..f414e59 100644
--- a/roles/dns/tasks/main.yml
+++ b/roles/dns/tasks/main.yml
@@ -68,11 +68,11 @@
     path: /usr/local/etc/nsd/zones
     state: directory
 
-- name: NSD - copy zone files
+- name: NSD - generate zone files
   template:
     src: "zones/{{ item }}.zone.j2"
     dest: "/usr/local/etc/nsd/zones/{{ item }}.zone"
-  with_items: "{{ nsd.zones }}"
+  with_items: "{{ domains }}"
   notify: reload-nsd
 
 - name: NSD - enable and start service
diff --git a/roles/dns/templates/nsd.conf.j2 b/roles/dns/templates/nsd.conf.j2
index f154796..0777bef 100644
--- a/roles/dns/templates/nsd.conf.j2
+++ b/roles/dns/templates/nsd.conf.j2
@@ -114,21 +114,20 @@ pattern:
     # nsd-control stats and stats_noreset.
     zonestats: "%s"
 
-    # Notify these slaves when the master zone changes
-    notify: 174.37.196.55   NOKEY  # freedns.afraid.org
-    notify: 93.95.224.6     NOKEY  # 1984hosting.com
-
-    # Allow these IPs and TSIG to transfer zones.
-    provide-xfr: 174.37.196.55  NOKEY  # freedns.afraid.org
-    provide-xfr: 93.95.224.6    NOKEY  # 1984hosting.com
+    # Notify these slaves when the master zone changes, and allow them
+    # to transfer zones.
+{% for server in nameservers %}
+    notify: {{ server.xfr_ip }} NOKEY  # {{ server.name }}
+    provide-xfr: {{ server.xfr_ip }} NOKEY  # {{ server.name }}
+{% endfor %}
 
 
 # Fixed zone entries.  Here you can config zones that cannot be deleted.
 # Zones that are dynamically added and deleted are put in the zonelist file.
 #
-{% for zone in nsd.zones %}
+{% for domain in domains %}
 zone:
-    name: "{{ zone }}"
+    name: "{{ domain }}"
     include-pattern: "stealth_zones"
 
 {% endfor %}