infra/roles/bind-role/tasks/master.yml

# roles/bind/tasks/master.yml
# Set up a BIND master server
---
- name: Master | Main BIND config file (master)
  template:
    src: master_etc_named.conf.j2
    dest: "{{ bind_config }}"
    owner: "{{ bind_owner }}"
    group: "{{ bind_group }}"
    mode: '0640'
    setype: named_conf_t
    validate: 'named-checkconf -t / %s'
  notify: restart bind
  tags: bind

- name: Master | Create forward lookup zone file
  template:
    src: bind_zone.j2
    dest: "{{ bind_chroot }}/{{ bind_zone_dir }}/{{ bind_zone_name }}"
    owner: "{{ bind_owner }}"
    group: "{{ bind_group }}"
    mode: "0640"
    setype: named_zone_t
    validate: 'named-checkzone -d {{ bind_zone_name }} %s'
  notify: restart bind
  tags: bind

- name: Master | Create reverse lookup zone file
  template:
    src: reverse_zone.j2
    dest: "{{ bind_chroot }}/{{ bind_zone_dir }}/{{ ('.'.join(item.replace(item+'.','').split('.')[::-1])) }}.in-addr.arpa"
    owner: "{{ bind_owner }}"
    group: "{{ bind_group }}"
    mode: "0640"
    setype: named_zone_t
    validate: "named-checkzone {{ ('.'.join(item.replace(item+'.','').split('.')[::-1])) }}.in-addr.arpa %s"
  with_items: "{{ bind_zone_networks }}"
  notify: restart bind
  tags: bind

- name: Master | Create reverse IPv6 lookup zone file
  template:
    src: reverse_zone_ipv6.j2
    dest: "{{ bind_chroot }}/{{bind_zone_dir}}/{{ (item | ipaddr('revdns'))[-(9+(item|regex_replace('^.*/','')|int)//2):-1] }}"
    owner: "{{ bind_owner }}"
    group: "{{ bind_group }}"
    mode: "0640"
    setype: named_zone_t
    #validate: "named-checkzone {{ (item | ipaddr('revdns'))[-(9+(item|regex_replace('^.*/','')|int)//2):] }} %s"
  with_items: "{{ bind_zone_ipv6_networks }}"
  #notify: restart bind
  tags: bind