//
// named.conf
//
{{ ansible_managed | comment('c') }}
//
{% for acl in bind_acls %}
acl "{{ acl.name }}" {
{% for match in acl.match_list %}
  {{ match }};
{% endfor %}
};

{% endfor %}
options {
  listen-on port 53 { {{ bind_listen_ipv4|join(';') }}; };
  listen-on-v6 port 53 { {{ bind_listen_ipv6|join(';') }}; };
  directory   "{{ bind_dir }}";
  dump-file   "{{ bind_dir }}/data/cache_dump.db";
  statistics-file "{{ bind_dir }}/data/named_stats.txt";
  memstatistics-file "{{ bind_dir }}/data/named_mem_stats.txt";
  allow-query     { {{ bind_allow_query|join(';') }}; };
{% if bind_acls|length != 0 %}
  allow-transfer  { {% for acl in bind_acls %}"{{ acl.name }}"; {% endfor %}};
{% endif %}

  recursion {% if bind_recursion %}yes{% else %}no{% endif %};
  {% if bind_recursion %}allow-recursion { {{ bind_allow_recursion|join('; ') }}; };
  {% endif %}
{% if bind_forwarders|length > 0 %}forwarders { {{ bind_forwarders|join('; ') }}; };{% endif %}
  {% if bind_forward_only %}forward only;{% endif %}

  rrset-order { order {{ bind_rrset_order }}; };

  dnssec-enable {{ bind_dnssec_enable }};
  dnssec-validation {{ bind_dnssec_validation }};

  /* Path to ISC DLV key */
  bindkeys-file "{{ bind_bindkeys_file }}";

  managed-keys-directory "{{ bind_dir }}/dynamic";

  pid-file "{{ bind_pid_file }}";
  session-keyfile "{{ bind_session_keyfile }}";

{% if bind_query_log is defined %}
  querylog yes;
{% endif %}
};

{% if bind_statistics_channels %}
statistics-channels {
  inet {{ bind_statistics_host }} port {{ bind_statistics_port }} allow { {{ bind_statistics_allow|join('; ') }}; };
};
{% endif %}

logging {
  channel default_debug {
    file "{{ bind_log }}";
    severity dynamic;
    print-time yes;
  };
{% if bind_query_log is defined %}
  channel querylog {
    {% if bind_query_log.file is defined %}
      file "{{ bind_query_log.file }}" versions {{ bind_query_log.versions }} size {{ bind_query_log.size }};
    {% else %}
      file "{{ bind_query_log }}" versions 600 size 20m;
    {% endif %}
    severity dynamic;
    print-time yes;
  };
  category queries { querylog; };
{% endif %}
};

{% for file in bind_default_zone_files %}
include "{{ file }}";
{% endfor %}
{% for file in bind_extra_include_files %}
include "{{ file }}";
{% endfor %}

{% if bind_zone_domains is defined %}
{% for bind_zone in bind_zone_domains %}
{% if bind_zone.create_forward_zones is not defined or bind_zone.create_forward_zones %}
zone "{{ bind_zone.name }}" IN {
  type slave;
  masters { {{ bind_zone_master_server_ip }}; };
  file "{{ bind_slave_dir }}/{{ bind_zone.name }}";
{% if bind_zone.delegate is defined %}
  forwarders {};
{% endif %}
};
{% endif %}

{% if bind_zone.create_reverse_zones is not defined or bind_zone.create_reverse_zones %}
{% if bind_zone.networks is defined %}
{% for network in bind_zone.networks %}
zone "{{ ('.'.join(network.replace(network+'.','').split('.')[::-1])) }}.in-addr.arpa" IN {
  type slave;
  masters { {{ bind_zone_master_server_ip }}; };
  file "{{ bind_slave_dir }}/{{ ('.'.join(network.replace(network+'.','').split('.')[::-1])) }}.in-addr.arpa";
};
{% endfor %}
{% endif %}
{% endif %}

{% if bind_zone.create_reverse_zones is not defined or bind_zone.create_reverse_zones %}
{% if bind_zone.ipv6_networks is defined %}
{% for network in bind_zone.ipv6_networks %}
zone "{{ (network | ipaddr('revdns'))[-(9+(network|regex_replace('^.*/','')|int)//2):] }}" IN {
  type slave;
  masters { {{ bind_zone_master_server_ip }}; };
  file "{{ bind_slave_dir }}/{{ (network | ipaddr('revdns'))[-(9+(network|regex_replace('^.*/','')|int)//2):-1] }}";
};
{% endfor %}
{% endif %}
{% endif %}
{% endfor %}
{% endif %}