- name: package are installed
  apt:
    name:
      - bind9
      - dnstop
    state: present

- name: Set bind configuration for recursive server
  template:
    src: named.conf.options_recursive.j2
    dest: /etc/bind/named.conf.options
    owner: bind
    group: bind
    mode: "0644"
    force: yes
  notify: restart bind
  when: bind_recursive_server

- name: enable zones.rfc1918 for recursive server
  lineinfile:
    dest: /etc/bind/named.conf.local
    line: 'include "/etc/bind/zones.rfc1918";'
    regexp: "zones.rfc1918"
  notify: restart bind
  when: bind_recursive_server

- name: Set bind configuration for authoritative server
  template:
    src: named.conf.options_authoritative.j2
    dest: /etc/bind/named.conf.options
    owner: bind
    group: bind
    mode: "0644"
    force: yes
  notify: restart bind
  when: bind_authoritative_server

- name: Create systemd service
  template:
    src: bind9.service.j2
    dest: "{{ bind_systemd_service_path }}"
    owner: root
    group: root
    mode: "0644"
    force: yes
  notify:
  - reload systemd
  - restart bind
  when: ansible_distribution_release == "jessie"

- name: touch /var/log/bind.log if non chroot
  file:
    path: /var/log/bind.log
    owner: bind
    group: adm
    mode: "0640"
    state: touch
  when: bind_chroot_set == False

- name: touch /var/log/bind_queries.log if non chroot
  file:
    path: /var/log/bind_queries.log
    owner: bind
    group: adm
    mode: "0640"
    state: touch
  when: bind_authoritative_server and bind_chroot_set == False

- name: send chroot-bind.sh in /root
  copy:
    src: chroot-bind.sh
    dest: /root/chroot-bind.sh
    mode: "0700"
    owner: root
    force: yes
    backup: yes
  when: bind_chroot_set

- name: exec chroot-bind.sh
  command: "/root/chroot-bind.sh"
  register: chrootbind_run
  changed_when: False
  when: bind_chroot_set

- debug:
    var: chrootbind_run.stdout_lines
  when: bind_chroot_set and chrootbind_run.stdout != ""

- name: Modify OPTIONS in /etc/default/bind9 for chroot
  replace:
    dest: /etc/default/bind9
    regexp: '^OPTIONS=.*'
    replace: 'OPTIONS="-u bind -t {{ bind_chroot_path }}"'
  notify: restart bind
  when: bind_chroot_set

- name: logrotate for non chroot bind
  template:
    src: logrotate_bind
    dest: /etc/logrotate.d/bind
    owner: root
    group: root
    mode: "0644"
    force: yes
  notify: restart bind
  when: bind_chroot_set == False

- name: logrotate for chroot bind
  template:
    src: logrotate_bind_chroot.j2
    dest: /etc/logrotate.d/bind
    owner: root
    group: root
    mode: "0644"
    force: yes
  notify: restart bind
  when: bind_chroot_set