ansible-playbooks/roles/ns/tasks/_main.yml

- name: install powerdns
  community.general.apk:
    name: pdns,pdns-openrc,pdns-backend-pgsql


- name: install powerdns docs for db init scripts
  community.general.apk:
    name: pdns-doc


- name: set powerdns to start on boot
  service:
    name: pdns
    enabled: yes


- name: create config directory
  file:
    path: /etc/pdns
    state: directory
    owner: pdns
    group: pdns
    mode: 0750
 

- name: create include directory
  file:
    path: /etc/pdns/custom
    state: directory
    owner: pdns
    group: pdns
    mode: 0750
 

- name: template pdns config
  template: 
    src: custom.j2
    dest: /etc/pdns/custom/custom.conf
    force: yes
    owner: pdns
    group: pdns
    mode: 0640


- name: add include-dir to default pdns config
  lineinfile:
    path: /etc/pdns/pdns.conf
    line: "include-dir=/etc/pdns/custom"
    create: yes
    owner: pdns
    group: pdns
    mode: 0640

- name: remove bad lines from default pdns config
  lineinfile:
    path: /etc/pdns/pdns.conf
    regex: "{{ item }}"
    state: absent
  loop:
    - "^use-logfile="
    - "^wildcards="


- block:
  - name: check if records table is missing (meaning the db is probably empty)
    community.postgresql.postgresql_query:
      db: "{{ db_name | mandatory }}"
      query: SELECT to_regclass('public.records');
    register: db_result
    changed_when: False
  
  - name: set db_is_empty fact
    set_fact:
      db_is_empty: "{{ (db_result.query_result is defined) and (db_result.query_result[0].to_regclass is none) }}"
  delegate_to: postgres



- name: fetch script from ns to ansible
  fetch:
    src: /usr/share/doc/pdns/schema.pgsql.sql
    dest: /tmp/
    flat: yes
  register: fetched
  when: db_is_empty
    

- block:
  - name: create temporary file on postgres for holding the script
    tempfile:
      state: file
    register: tf

  - name: upload script
    copy:
      src: "{{ fetched.dest }}"
      dest: "{{ tf.path }}"
      force: yes

  - name: execute script
    community.postgresql.postgresql_query:
      db: "{{ db_name | mandatory }}"
      path_to_script: "{{ tf.path }}"
      as_single_query: no

  - name: remove temp script
    file:
      path: "{{ tf.path }}"
      state: absent
  
  when: db_is_empty 
  delegate_to: postgres
  

- name: remove fetched script
  file:
    path: "{{ fetched.dest }}"
    state: absent
  when: db_is_empty 


- name: add default zones for all branches (+ root)
  command:
    cmd: "pdnsutil create-zone {% if item != 'root' %}{{ item }}.{% endif %}{{ corp_tld }} {{ ct_hostname }}.{{ corp_tld }}"
  register: res
  changed_when: (res.rc == 0) and ("Creating empty zone" in res.stderr)
  failed_when: (res.rc != 0) and ("exists already" not in res.stderr)
  loop: 
    "{{ corp_branches | default([]) + ['root'] }}"


- name: prepare list of NS records for subzones
  set_fact:
    ns_subs: "{{ ns_subs | default([]) + [{ 'zone': item, 'name': '@', 'type': 'NS', 'value': ct_hostname ~ '.' ~ corp_tld }] }}"
  loop: "{{ corp_branches | default([]) }}"


- name: ensure NS records in subzones exist
  include_tasks: ns_items.yml
  loop: "{{ ns_subs | default([]) }}"


- name: ensure NS record in root zone exists
  include_tasks: ns_items.yml
  vars:
    item: { 'zone': 'root', 'name': '@', 'type': 'NS', 'value': "{{ ct_hostname }}.{{ corp_tld }}" }


- name: prepare list of NS delegated records for root zone
  set_fact:
    ns_delegated: "{{ ns_delegated | default([]) + [{ 'zone': 'root', 'name': item, 'type': 'NS', 'value': ct_hostname ~ '.' ~ corp_tld }] }}"
  loop: "{{ corp_branches | default([]) }}"


- name: ensure NS delegated records exist in root zone
  include_tasks: ns_items.yml
  loop: "{{ ns_delegated | default([]) }}"


- name: rectify all zones
  command:
    cmd: "pdnsutil rectify-all-zones"
  register: res2
  changed_when: False
  failed_when: res2.rc != 0


- name: start powerdns
  service:
    name: pdns
    state: started