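---
# Tasks for an authoritative NSD name server with offline-generated KSKs and
# host-generated ZSKs. Zones listed in `sign_zones` are signed with
# ldns-signzone; `sign_zones` is expected to be defined by the caller
# (inventory or role defaults), it is not set in this file.

- name: Install nsd
  apt:
    pkg:
      - nsd
      - ldnsutils

# NOTE(review): no mode/owner is set here, so an existing file keeps its
# permissions. If nsd.conf carries secrets (e.g. TSIG keys), set an explicit
# restrictive mode and owner - confirm against the shipped file.
- name: Copy nsd.conf
  copy:
    src: "{{ role_path }}/files/nsd.conf"
    dest: /etc/nsd/nsd.conf

- name: Create zones directory
  file:
    path: /etc/nsd/zones
    state: directory

# The trailing slash on src copies the directory's contents, not the directory.
- name: Copy zone files
  copy:
    src: "{{ role_path }}/files/zones/"
    dest: /etc/nsd/zones

# Holds DNSSEC private keys. Only the signing tasks below read from it, and
# they run as the same user that creates it, so it is closed to everyone else.
# NOTE(review): relax to "0750" with a suitable group if another account
# must read the public .key files from here.
- name: Create keys directory
  file:
    path: /etc/nsd/keys
    state: directory
    mode: "0700"

# Private key material: written owner-only, and excluded from --diff output so
# key contents never reach the console or job logs.
# NOTE(review): `template` renders the file through Jinja. If the key files
# are static (not vault-backed templates), `copy` is the safer module.
# The private keys themselves should be vault-encrypted in the repository.
- name: Copy KSK private keys
  template:
    src: "{{ item }}"
    dest: "/etc/nsd/keys/{{ item | basename }}"
    mode: "0600"
  diff: false
  with_fileglob:
    - "{{ role_path }}/files/keys/*.ksk.private"

- name: Copy KSK keys
  copy:
    src: "{{ item }}"
    dest: "/etc/nsd/keys/{{ item | basename }}"
  with_fileglob:
    - "{{ role_path }}/files/keys/*.ksk.key"

# One stat result per zone file; `item.item` in the next task is the zone
# file path and `item.stat.exists` tells whether its ZSK is already present.
- name: Check if ZSKs exist
  stat:
    path: "/etc/nsd/keys/K{{ item | basename }}.zsk.key"
  register: zsks_exists
  with_fileglob:
    - "{{ role_path }}/files/zones/*"

# Generates an Ed25519 ZSK only for zones that are signed and have no ZSK yet.
# stdout of ldns-keygen is used below as the base name of the generated files.
- name: Create ZSK
  command:
    cmd: "ldns-keygen -a ED25519 {{ item.item | basename }}"
    chdir: /etc/nsd/keys
  register: create_zsk
  when: not item.stat.exists and (item.item | basename) in sign_zones
  with_items: "{{ zsks_exists.results }}"

# In this loop each `item` is a Create ZSK result, `item.item` is the matching
# stat result (a dict) and `item.item.item` is the zone file path. The
# condition therefore has to take the basename of `item.item.item`; applying
# `basename` to `item.item` passes a dict to a path filter.
- name: Rename ZSK key
  command:
    cmd: "mv {{ item.stdout }}.key K{{ item.item.item | basename }}.zsk.key"
    chdir: /etc/nsd/keys
  when: item.changed and (item.item.item | basename) in sign_zones
  with_items: "{{ create_zsk.results }}"

# `mv` keeps the mode ldns-keygen gave the private key file.
# NOTE(review): verify the resulting K<zone>.zsk.private is owner-only.
- name: Rename ZSK private key
  command:
    cmd: "mv {{ item.stdout }}.private K{{ item.item.item | basename }}.zsk.private"
    chdir: /etc/nsd/keys
  when: item.changed and (item.item.item | basename) in sign_zones
  with_items: "{{ create_zsk.results }}"

# ldns-signzone takes key base names (no .key/.private suffix). This task runs
# on every play, so signatures are regenerated each time the role is applied.
# NOTE(review): presumably nsd.conf serves the resulting <zone>.signed files -
# confirm, otherwise the unsigned zone is what gets published.
- name: Sign zones
  command:
    cmd: >-
      ldns-signzone {{ item | basename }}
      /etc/nsd/keys/K{{ item | basename }}.zsk
      /etc/nsd/keys/K{{ item | basename }}.ksk
    chdir: /etc/nsd/zones
  when: (item | basename) in sign_zones
  with_fileglob:
    - "{{ role_path }}/files/zones/*"

# Despite the task name this is a reload, not a restart; it also enables the
# unit at boot.
- name: Restart NSD
  systemd:
    name: nsd
    enabled: true
    state: reloaded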