---
- name: Install Bind9
  apt:
    update_cache: true
    name: bind9
  register: apt_result
  retries: 3
  until: apt_result is succeeded

- name: Is this the master?
  set_fact:
    is_master: "{{ ansible_hostname in query('ldap', 'role', 'dns-primary') }}"
    cacheable: true

- name: Deploy Bind9 configuration
  template:
    src: bind/{{ item }}.j2
    dest: /etc/bind/{{ item }}
    mode: 0640
    owner: root
    group: bind
  loop:
    - named.conf
    - named.conf.local
    - named.conf.options
  notify: Reload Bind9

- include: dnssec.yml
  when: is_master

- name: Indicate role in motd
  template:
    src: update-motd.d/05-service.j2
    dest: /etc/update-motd.d/05-bind
    mode: 0755