From 2b6c1ed1080bc1d9ad9502ed3a2b3187be3ce687 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Flor=C3=A9al=20Toumikian?=
Date: Fri, 17 May 2024 19:10:03 +0200
Subject: [PATCH] Enhancement: Structure
---
playbooks/01-primary-ns.yaml | 12 ++++--------
.../tasks/ns/files/db.trans13nrv.eu.org.zone | 0
playbooks/tasks/ns/primary-zone.yml | 19 +++++++++++--------
.../ns/templates}/named.conf.primary-zone.j2 | 6 +++---
playbooks/vars.yml | 5 ++++-
5 files changed, 22 insertions(+), 20 deletions(-)
rename files/ns/zones/trans13nrv.eu.org.zone => playbooks/tasks/ns/files/db.trans13nrv.eu.org.zone (100%)
rename {templates/ns/zone => playbooks/tasks/ns/templates}/named.conf.primary-zone.j2 (67%)
diff --git a/playbooks/01-primary-ns.yaml b/playbooks/01-primary-ns.yaml
index b050a2a..117894d 100644
--- a/playbooks/01-primary-ns.yaml
+++ b/playbooks/01-primary-ns.yaml
@@ -1,9 +1,5 @@
- name: Configuration of ns zones
hosts: primarydns
- vars:
- zones:
- - zome:
- domain_name: trans13nrv.eu.org
tasks:
- name: Use variables
@@ -25,19 +21,19 @@
state: directory
owner: "{{ root.user }}"
group: "{{ dns.group }}"
- mode: "660"
+ mode: "775"
- name: Ensure required keys zone directory is present
ansible.builtin.file:
- path: "{{ dns.paths.keys }}"
+ path: "{{ dns.paths.keys_dir }}"
state: directory
owner: "{{ dns.user }}"
group: "{{ dns.group }}"
- mode: "660"
+ mode: "770"
- name: Prymary Zones
ansible.builtin.include_tasks: tasks/ns/primary-zone.yml
- loop: "{{ zones }}"
+ with_list: "{{ dns.zones }}"
- name: Reload bind9 service
ansible.builtin.service:
diff --git a/files/ns/zones/trans13nrv.eu.org.zone b/playbooks/tasks/ns/files/db.trans13nrv.eu.org.zone
similarity index 100%
rename from files/ns/zones/trans13nrv.eu.org.zone
rename to playbooks/tasks/ns/files/db.trans13nrv.eu.org.zone
diff --git a/playbooks/tasks/ns/primary-zone.yml b/playbooks/tasks/ns/primary-zone.yml
index 5c3b9cc..6df82b9 100644
--- a/playbooks/tasks/ns/primary-zone.yml
+++ b/playbooks/tasks/ns/primary-zone.yml
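Review bot: The `Prymary Zones` task moves from `loop` back to `with_list`, while the Ansible documentation recommends `loop` for new code; `loop: "{{ dns.zones }}"` walks the same list with the same `item` variable, so the included task file needs no change, and the task name's typo (`Prymary`) could be fixed in the same line. On the keys directory, `mode: "770"` grants group write although the directory is already owned by `{{ dns.user }}`, presumably the account that writes keys there for inline-signing; `"750"` would suffice unless another member of `{{ dns.group }}` must create keys. The `775` on the root-owned primary zones directory does give `{{ dns.group }}` the write access that inline-signing needs for its generated files, so that change looks intentional, but a one-line comment above it saying so would spare the next reader the same question.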
@@ -1,25 +1,28 @@
---
-- vars:
- zone_config_file: "{{ dns.patch.etc }}/named.conf.{{ zone.domain_name }}"
- zone_db_file: "{{ dns.patch.primary_zones }}/db.{{ zone.domain_name }}.zone"
+- name: "Setting facts for zone {{ item.zone.domain_name }}"
+ ansible.builtin.set_fact:
+ zone_config_file: "{{ dns.paths.etc }}/named.conf.{{ item.zone.domain_name }}"
+ zone_db_file: "{{ dns.paths.primary_zones }}/db.{{ item.zone.domain_name }}.zone"
+ domain_name: "{{ item.zone.domain_name }}"
- name: Updating primary zone db file
- ansible.builtin.file:
- src: "file/ns/zone/db.{{ zone.domain_name }}"
+ ansible.builtin.copy:
+ src: "tasks/ns/files/db.{{ domain_name }}.zone"
dest: "{{ zone_db_file }}"
+ mode: "644"
- name: "Creating zone {{ domain_name }}"
ansible.builtin.template:
- src: templates/ns/zone/named.conf.primary-zone.j2
+ src: tasks/ns/templates/named.conf.primary-zone.j2
dest: "{{ zone_config_file }}"
mode: "644"
- name: "Including zone configuration to global configuration"
ansible.builtin.blockinfile:
- path: "{{ dns.path.etc }}/named.conf.local"
+ path: "{{ dns.paths.etc }}/named.conf.local"
state: present
marker: "// {mark} ANSIBLE MANAGED BLOCK FOR {{ domain_name }} ZONE"
block: |
- "include \"{{ zone_config_file }}\"";
+ include "{{ zone_config_file }}";
marker_begin: BEGIN
marker_end: END
diff --git a/templates/ns/zone/named.conf.primary-zone.j2 b/playbooks/tasks/ns/templates/named.conf.primary-zone.j2
similarity index 67%
rename from templates/ns/zone/named.conf.primary-zone.j2
rename to playbooks/tasks/ns/templates/named.conf.primary-zone.j2
index d253088..3894eb1 100644
--- a/templates/ns/zone/named.conf.primary-zone.j2
+++ b/playbooks/tasks/ns/templates/named.conf.primary-zone.j2
@@ -1,5 +1,5 @@
acl "{{ domain_name }}-acl" {
-{% if transfer_hosts %}
+{% if transfer_hosts is defined and transfer_hosts|length %}
{% for ip in transfer_hosts %}
{{ ip }};
{% endfor %}
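Review bot: The new `ansible.builtin.copy` task installs the zone file without checking it, and the playbook ends with an unconditional bind9 reload, so a malformed zone file reaches the running server before anyone notices; adding `validate: "named-checkzone {{ domain_name }} %s"` to that task makes the copy fail instead of the zone. The `template` task could get `validate: "named-checkconf %s"` in the same spirit, provided the fragment (only an `acl` and a `zone` block) checks cleanly on its own, which I have not verified. The `set_fact` values are host facts that outlive the loop iteration and shadow any play var of the same name; since they are consumed only inside this task file, passing them as `vars:` on the `include_tasks` call in the playbook should keep them scoped to the include.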
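Review bot: The new guard `{% if transfer_hosts is defined and transfer_hosts|length %}` renders an empty acl when the variable is unset, and nothing in this patch defines `transfer_hosts` (vars.yml only gains `zones`), so with `allow-transfer { {{ domain_name }}-acl; }` further down every transfer request will be refused as far as the visible lines show — fine if no secondaries exist, but silent otherwise. A comment at the top of the template such as `{# transfer_hosts: optional list of secondary IPs; absent or empty means no zone transfers are allowed #}` records that intent. The shorter `{% if transfer_hosts | default([]) %}` expresses the same test. The acl block's closing `};` lies outside the hunk.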
@@ -10,7 +10,7 @@ acl "{{ domain_name }}-acl" {
zone "{{ domain_name }}" IN {
type master;
- file "{{ dns.paths.primary_zones }}/db.{{ domain_name }}";
+ file "{{ dns.paths.primary_zones }}/db.{{ domain_name }}.zone";
#auto-dnssec maintain;
inline-signing yes;
dnssec-policy default;
@@ -18,5 +18,5 @@ zone "{{ domain_name }}" IN {
allow-update { none; };
allow-transfer { {{ domain_name }}-acl; };
notify yes;
- key-directory "{{ dns.paths.keys }}";
+ key-directory "{{ dns.paths.keys_dir }}";
};
diff --git a/playbooks/vars.yml b/playbooks/vars.yml
index f64d538..196086c 100644
--- a/playbooks/vars.yml
+++ b/playbooks/vars.yml
@@ -2,8 +2,11 @@ dns:
paths:
etc: /etc/bind/
primary_zones: /etc/bind/primary
- keys: /etc/bind/primary/keys
+ keys_dir: /etc/bind/primary/keys
user: bind
group: bind
+ zones:
+ - zone:
+ domain_name: trans13nrv.eu.org
root:
user: root
\ No newline at end of file
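Review bot: The new `file` line rebuilds the zone database path from `dns.paths.primary_zones` and `domain_name`, duplicating the `zone_db_file` fact that primary-zone.yml now sets from the same parts and uses as the copy destination; the two can drift apart again, and the missing `.zone` suffix this commit fixes was exactly such a drift. Rendering `file "{{ zone_db_file }}";` keeps a single source of truth, since the fact is set before the template task runs. The `zone` block continues past the hunk.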
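Review bot: Each entry of the new `zones` list wraps its fields in an extra `zone:` mapping, so consumers must write `item.zone.domain_name` for no gain; a flat `- domain_name: trans13nrv.eu.org` with `item.domain_name` in primary-zone.yml reads more naturally and leaves room for further per-zone keys beside `domain_name`. A short comment above the list naming what the task file expects would also help, e.g. `# one entry per primary zone; a matching db.<domain_name>.zone must exist under playbooks/tasks/ns/files/`.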