- name: Gather facts of all public available hosts
  hosts: public_available
  gather_facts: yes

- name: Configure nvak as dns server
  hosts: nvak.banananet.work
  vars:
    nvak_dns_slaves: []
  pre_tasks:
    - name: Load ssh host key dns fingerprint for host
      command: cat "{{ global_ssh_host_key_directory | quote }}/{{ item | quote }}/dns"
      delegate_to: localhost
      register: ssh_key_dns_fpr_raw
      changed_when: False
      loop: "{{ groups['public_available'] }}"
    - name: Remap ssh host key dns fingerprints
      set_fact:
        ssh_key_dns_fpr_map: "{{ ssh_key_dns_fpr_raw.results | items2dict(key_name='item', value_name='stdout') }}"
  roles:
    - role: dns/master
      domain: banananet.work
      main_nameserver_domain: ns1.banananet.work.
      responsible_mail_name: admin.banananet.work.
      slaves: "{{ nvak_dns_slaves }}"
      entries: |
        ; Name Servers
        @ IN NS ns1
        ns1 IN A {{ ansible_default_ipv4.address }}
        ns1 IN AAAA {{ ansible_default_ipv6.address }}
        ; Automatic server addresses
        {% for fqdn in groups['public_available'] %}
        {{ fqdn }}. IN A {{ hostvars[fqdn].ansible_default_ipv4.address }}
        {{ fqdn }}. IN AAAA {{ hostvars[fqdn].ansible_default_ipv6.address }}
        {{ ssh_key_dns_fpr_map[fqdn] }}
        {% endfor %}
        ; Public use domains
        @ IN A {{ ansible_default_ipv4.address }}
        @ IN AAAA {{ ansible_default_ipv6.address }}
        auth IN CNAME nvak
        cloud IN CNAME nvak
        test.cloud IN CNAME nvak
        dsa IN CNAME nvak
        firefox IN CNAME nvak
        git IN CNAME nvak
        keys IN CNAME rurapenthe
        rss IN CNAME nvak
        wg IN CNAME nvak
        _minecraft._tcp.wg IN SRV 10 10 {{ project_wg_minecraft_port }} mc.wg
        mc.wg IN CNAME nvak
        _minecraft._tcp.mc.wg IN SRV 10 10 {{ project_wg_minecraft_port }} mc.wg
        ; Mail
        @ IN MX 10 nvak
        @ IN TXT "v=spf1 +mx -all"
        mail IN CNAME nvak
        imap IN CNAME nvak
        smtp IN CNAME nvak
    - role: dns/master
      domain: forumderschan.de
      main_nameserver_domain: ns1.banananet.work.
      responsible_mail_name: admin.banananet.work.
      slaves: "{{ nvak_dns_slaves }}"
      entries: |
        ; Name Servers
        @ IN NS ns1.banananet.work.
        @ IN NS ns2.banananet.work.
        ; WebPage
        @ IN A {{ ansible_default_ipv4.address }}
        @ IN AAAA {{ ansible_default_ipv6.address }}
        www IN A {{ ansible_default_ipv4.address }}
        www IN AAAA {{ ansible_default_ipv6.address }}
        ; Mail
        @ IN MX 10 nvak
        @ IN TXT "v=spf1 +mx -all"
    - role: dns/master
      domain: spotme.fun
      main_nameserver_domain: ns1.banananet.work.
      responsible_mail_name: admin.banananet.work.
      slaves: "{{ nvak_dns_slaves }}"
      entries: |
        ; Name Servers
        @ IN NS ns1.banananet.work.
        @ IN NS ns2.banananet.work.
        ; Web Page
        @ IN A {{ ansible_default_ipv4.address }}
        @ IN AAAA {{ ansible_default_ipv6.address }}
        www IN A {{ ansible_default_ipv4.address }}
        www IN AAAA {{ ansible_default_ipv6.address }}
        ; Mail
        @ IN MX 10 nvak
        @ IN TXT "v=spf1 +mx -all"
    - role: dns/master
      domain: stadtpiraten-karlsruhe.de
      main_nameserver_domain: ns1.banananet.work.
      resposible_mail_name: admin.banananet.work.
      slaves: "{{ nvak_dns_slaves }}"
      entries: |
        ; Name Servers
        @ IN NS ns1.banananet.work.
        @ IN NS ns2.banananet.work.
        ; WebPages
        @ IN A {{ ansible_default_ipv4.address }}
        @ IN AAAA {{ ansible_default_ipv6.address }}
        www IN A {{ ansible_default_ipv4.address }}
        www IN AAAA {{ ansible_default_ipv6.address }}
        forum IN A {{ ansible_default_ipv4.address }}
        forum IN AAAA {{ ansible_default_ipv6.address }}
        ; Mail
        @ IN MX 10 nvak
        @ IN TXT "v=spf1 +mx -all"