- name: configure primary nameserver
  hosts: primary_dns
  remote_user: devops
  become: yes

  tasks:
    - name: install BIND9
      yum:
        name: bind
        state: present

    - name: copy primary config file
      copy:
        src: files/primary-named.conf
        dest: /etc/named.conf
        owner: root
        group: named
        mode: 0640
      notify:
        - reload_named

    - name: copy forward zone file to primary
      copy:
        src: files/primary-backend.lab.example.com.zone
        dest: /var/named/backend.lab.example.com.zone
        owner: root
        group: named
        mode: 0640
      notify:
        - reload_named

    - name: copy reverse zone to primary
      copy:
        src: files/primary-192.168.0.zone
        dest: /var/named/192.168.0.zone
        owner: root
        group: named
        mode: 0640

    - name: copy backend config file
      copy:
        src: files/primary-named.backend.conf
        dest: /etc/named.backend.conf
        owner: root
        group: named
        mode: 0640
      notify:
        - reload_named

    - name: allow dns on firewall
      firewalld:
        service: dns
        state: enabled
        immediate: yes
        permanent: yes

    - name: ensure named is running and enabled
      service:
        name: named
        state: started
        enabled: yes

  handlers:
    - name: reload_named
      service:
        name: named
        state: reloaded