//
// {{ ansible_managed }}
//

// ACLs
masters "ns-master-{{ item.domain_code }}" {
	{{ item.dns.master }};
};

{% if item.dns.forward_zones is defined %}
{% for zone in item.dns.forward_zones %}
{% if zone.master is defined %}
masters "ns-master-{{ zone.name }}" {
	{{ zone.master }};
};

{% endif %}
{% endfor %}
{% endif %}

acl "intern-{{ item.domain_code }}" {
	{{ item.ipv4_network | ipaddr('net') | ipaddr('network/prefix') }};
{% for prefix in item.ipv6_ula %}
	{{ prefix | ipaddr('net') | ipaddr('network/prefix') }};
{% endfor %}
};

{% if item.dns.forward_zones is defined %}
// DNS forward zones for {{ item.domain_code }}
{% for zone in item.dns.forward_zones %}
zone "{{ zone.name }}." {
	type slave;
	file "{{ zone.name }}.db";
{% if zone.master is defined %}
	masters { ns-master-{{ zone.name }}; };
{% else %}
	masters { ns-master-{{ item.domain_code }}; };
{% endif %}
};
{% if not loop.last %}

{% endif %}
{% endfor %}
{% endif %}

// DNS reverse zones for {{ item.domain_code }}
zone "{{ item.ipv4_network | ipaddr('net') | ipaddr('revdns') }}" {
	type slave;
	file "{{ item.ipv4_network | ipaddr('net') | ipaddr('revdns') }}";
	masters { ns-master-{{ item.domain_code }}; };
};

{% for prefix in item.ipv6_ula %}
zone "{{ prefix | ipaddr('net') | ipaddr('revdns') }}" {
	type slave;
	file "{{ prefix | ipaddr('net') | ipaddr('revdns') }}";
	masters { ns-master-{{ item.domain_code }}; };
};
{% if not loop.last %}

{% endif %}
{% endfor %}