- Change of approch, instead of wrestling with config clauses that can

only be declared once or multiple times and the config templates, have a
single config template and have the values (blocks) will populate the
correct clauses. Update documentation.
- Better assertions.
- Install missing utilities for Testinfra to function.

README.rst

@@ -5,14 +5,13 @@ NSD
     :target: https://travis-ci.org/adarnimrod/nsd
 
 Provision an NSD authorative DNS server. By default the role has minimal
-configuration. You can add your own by overriding the default
-:code:`nsd_config` dictionary with your own for configuration under the
-:code:`server` block in :code:`nsd.conf`. For other blocks that can declared
-multiple times (like the :code:`zone` block) add your own templates in the
-:code:`templates/nsd/conf.d` directory either inside the role or next to your
-playbook. Likewise, zone templates can be added by placing them in
-:code:`templates/nsd/zones` (again either inside the role or relative to your
-playbook).
+configuration. Overriding :code:`nsd_server_block` with a text block will
+configure the :code:`server` clause of NSD, same for
+:code:`nsd_remote_control_block` and the :code:`remote-control` block. Multiple
+patterns, zones and keys are provided by overriding :code:`nsd_patterns`,
+:code:`nsd_zones` and :code:`nsd_keys` respectively. Zone file templates can be
+added by placing them in :code:`templates/nsd/zones` either inside the role or
+relative to your playbook.
 
 Requirements
 ------------

defaults/main.yml

@@ -2,7 +2,13 @@
 # defaults file for nsd
 
 nsd_mail_alias: root # Where to send mail for the NSD user.
-nsd_config: # key/value configuration under the server block, for more
-            # information consult the nsd.conf man page.
-    'rrl-ratelimit': 200
-    'rrl-whitelist-ratelimit': 2000
+nsd_server_block: |
+    rrl-ratelimit: 200
+    rrl-whitelist-ratelimit: 2000
+
+nsd_remote_control_block: |
+    control-enable: no
+
+nsd_patterns: []
+nsd_keys: []
+nsd_zones: []

tasks/main.yml

@@ -6,7 +6,11 @@
     that:
         - ansible_os_family in nsd_user
         - ansible_os_family in aliases_file
-        - nsd_config is iterable
+        - nsd_server_block is defined
+        - nsd_remote_control_block is defined
+        - nsd_patterns is iterable
+        - nsd_keys is iterable
+        - nsd_zones is iterable
 
 - name: APT install NSD
   when: ansible_pkg_mgr == 'apt'
@@ -16,60 +20,31 @@
       update_cache: yes
       cache_valid_time: 3600
 
-- name: Create conf.d directory
+- name: Create zones directory
   file:
-      path: '{{ nsd_conf_d }}'
+      path: '{{ nsd_zones_dir }}'
       state: directory
       owner: root
       group: 0
       mode: 0o755
 
-- name: Use the conf.d directory
-  lineinfile:
-      dest: '{{ nsd_conf }}'
-      line: 'include: "{{ nsd_conf_d }}/*.conf"'
-      insertafter: EOF
-      state: present
-  notify:
-      - Restart NSD
-
-- name: Add server block
-  lineinfile:
-      dest: '{{ nsd_conf }}'
-      line: 'server:'
-      insertbefore: BOF
-      state: present
-
 - name: Configure
-  with_dict: '{{ nsd_config }}'
-  lineinfile:
-      dest: '{{ nsd_conf }}'
-      line: '{{ item.key }}: {{ item.value }}'
-      regexp: '{{ item.key }}:'
-      insertafter: 'server:'
-  notify:
-      - Restart NSD
-
-- name: Copy configuration templates
-  with_fileglob:
-      - '{{ role_path }}/templates/nsd/conf.d/*'
-      - '{{ playbook_dir }}/templates/nsd/conf.d/*'
   template:
-      src: '{{ item }}'
-      dest: '{{ nsd_conf_d }}/'
+      src: nsd.conf.j2
+      dest: '{{ nsd_conf }}'
       owner: root
       group: 0
-      mode: 0o644
+      mode: 0o0644
   notify:
       - Restart NSD
 
-- name: Copy zones
+- name: Copy zone templates
   with_fileglob:
       - '{{ role_path }}/templates/nsd/zones/*'
       - '{{ playbook_dir }}/templates/nsd/zones/*'
   template:
       src: '{{ item }}'
-      dest: '{{ nsd_zones }}/'
+      dest: '{{ nsd_zones_dir }}/'
       owner: root
       group: 0
       mode: 0o644

templates/nsd.conf.j2

+server:
+{{ nsd_server_block }}
+
+remote-control:
+{{ nsd_remote_control_block }}
+
+{% for pattern in nsd_patterns %}
+pattern:
+{{ pattern }}
+
+{% endfor %}
+
+{% for key in nsd_keys %}
+key:
+{{ key }}
+
+{% endfor %}
+
+{% for zone in nsd_zones %}
+zone:
+{{ zone }}
+
+{% endfor %}

tests/playbook.yml

@@ -11,18 +11,12 @@
   strategy: free
   roles:
     - role: nsd
+      nsd_zones:
+          - |
+              name: "testzone"
+              zonefile: "testzone"
   post_tasks:
-      - name: Copy test zone
-        with_items:
-            - src: templates/nsd_conf_d/testzone.conf
-              dest: '{{ nsd_conf_d }}/testzone.conf'
-            - src: templates/nsd_zones/testzone
-              dest: '{{ nsd_zones }}/testzone'
-        template:
-            src: '{{ item.src }}'
-            dest: '{{ item.dest }}'
-            owner: root
-            group: 0
-            mode: 0o0644
-        notify:
-            - Restart NSD
+      - name: APT install test utilities
+        apt:
+            name: [net-tools, dnsutils]
+            state: present

tests/templates/nsd_conf_d/testzone.conf

-zone:
-    name: "testzone"
-    zonefile: "testzone"

vars/main.yml

@@ -2,8 +2,7 @@
 # vars file for nsd
 
 nsd_conf: '{{ "/var/nsd/etc/nsd.conf" if ansible_os_family == "OpenBSD" else "/etc/nsd/nsd.conf" }}'
-nsd_conf_d: '{{ nsd_conf }}.d'
-nsd_zones: '{{ "/var/nsd/zones" if ansible_os_family == "OpenBSD" else "/etc/nsd" }}'
+nsd_zones_dir: '{{ "/var/nsd/zones" if ansible_os_family == "OpenBSD" else "/etc/nsd" }}'
 
 aliases_file:
     OpenBSD: /etc/mail/aliases