server: {% if 'address' in ansible_facts.default_ipv4 %} ip-address: {{ ansible_facts.default_ipv4.address }} {% endif %} {% if 'address' in ansible_facts.default_ipv6 %} ip-address: {{ ansible_facts.default_ipv6.address }} {% endif %} ip-transparent: no debug-mode: no database: /var/lib/nsd/nsd.db identity: {{ inventory_hostname }} server-count: 1 tcp-count: 250 tcp-query-count: 0 ipv4-edns-size: 4096 ipv6-edns-size: 4096 pidfile: /run/nsd/nsd.pid port: 53 username: nsd zonesdir: /var/lib/nsd xfrdfile: /var/lib/nsd/xfrd.state xfrd-reload-timeout: 1 verbosity: 0 hide-version: no rrl-size: 1000000 rrl-ratelimit: 200 rrl-slip: 2 rrl-ipv4-prefix-length: 24 rrl-ipv6-prefix-length: 64 rrl-whitelist-ratelimit: 4000 key: name: tsig algorithm: {{ tsig_key.algorithm }} secret: {{ tsig_key.secret }} {% for zone in dns_zones %} zone: name: {{ zone.name }} zonefile: /var/lib/nsd/zone/{{ zone.name }} allow-notify: {{ dns_master }} NOKEY request-xfr: AXFR {{ dns_master }} tsig {% endfor %}