---
version: 1.1

network:

  dns_client_address:
    redefine: true
    disabled: true

  ip_dns:
    redefine: true
    default:
      variable: _.interface_0.ip

dns_server:  # Serveur DNS

  nsd_allowed_client_cidr:
    type: network_cidr
    description: Clients autorisés à interroger le serveur DNS
    multi: true
    mode: basic
    mandatory: false

  nsd_resolver:
    type: domainname
    description: Nom de domaine du résolveur DNS associé
    mode: basic
    mandatory: false

  nsd_allowed_all_client:
    type: network_cidr
    description: All autorised IP
    multi: true
    hidden: true
    default:
      jinja: |-
        {%- if _.nsd_allowed_client_ip is defined -%}
        {%- set nsd_allowed_client_ip = _.nsd_allowed_client_ip -%}
        {%- set nsd_resolve_ip = _.nsd_resolve_ip -%}
        {%- else -%}
        {%- set nsd_allowed_client_ip = none -%}
        {%- set nsd_resolve_ip = none -%}
        {%- endif -%}
        {%- for network in ip_eth | nsd_concat_lists(_.nsd_allowed_client_cidr,
                                                     nsd_allowed_client_ip,
                                                     ip=nsd_resolve_ip,
                                                     cidr=true)
           %}
        {{ network }}
        {%- endfor -%}
      params:
        ip_eth:
          variable: general.network.interface_{{ suffix }}.ip

dns_zone:  # Zone DNS

  nsd_zones:
    type: domainname
    description: Zones DNS
    multi: true
    examples:
      - subdomain.example.net
    mode: basic

dns_reverses:
  description: Zone DNS reverse
  type: leadership

  nsd_reverse_network:
    description: Réseau pour la résolution reverse
    type: network_cidr
    mode: basic
    mandatory: false

  nsd_reverse_name:
    description: Nom de la zone
    hidden: true
    default:
      jinja: >-
        {{ _.nsd_reverse_network | get_reverse_name }}

nsd_reverse_networks:
  description: Réseaux pour la résolution inverse
  hidden: true
  multi: true
  mandatory: false
  default:
    jinja: |-
      {%- for n in _.dns_reverses.nsd_reverse_network|calc_reverse_networks %}
      {{ n }}
      {%- endfor -%}

nsd_reverse_names:
  description: Nom des zones
  hidden: true
  multi: true
  mandatory: false
  default:
    jinja: |-
      {%- for zone in _.dns_reverses.nsd_reverse_name | calc_reverse_names %}
      {{ zone }}
      {%- endfor -%}

nsd_zones_all:
  type: domainname
  multi: true
  supplier: ExternalDNS:authority_zones
  hidden: true
  default:
    jinja: |-
      {%- for zone in _.dns_zone.nsd_zones |
            nsd_concat_lists(_.dns_reverses.nsd_reverse_name) %}
      {{ zone }}
      {%- endfor -%}

nsd_zone_filenames:
  type: unix_filename
  description: Nom des fichiers de zone
  multi: true
  hidden: true
  default:
    jinja: |-
      {%- for zone in _.dns_zone.nsd_zones %}
      /etc/nsd/{{ zone }}.zone
      {%- endfor -%}

nsd_zone_filenames_signed:
  type: unix_filename
  description: Nom des fichiers de zone signé
  multi: true
  hidden: true
  default:
    jinja: |-
      {%- for filename in _.nsd_zone_filenames %}
      {{ filename }}.signed
      {%- endfor -%}

nsd_reverse_filenames:
  type: unix_filename
  description: Nom des fichiers de zone reverse
  multi: true
  hidden: true
  mandatory: false
  default:
    jinja: |-
      {% set filenames = [] %}
      {%- for name in _.dns_reverses.nsd_reverse_name %}
      {% set filename = "/etc/nsd/" + name + "reverse" %}
      {%- if filename not in filenames -%}
      {% set tmp = filenames.append(filename) %}
      {{ filename }}
      {%- endif -%}
      {%- endfor -%}

nsd_reverse_filenames_signed:
  type: unix_filename
  description: Nom des fichiers de zone reverse signé
  multi: true
  hidden: true
  mandatory: false
  default:
    jinja: |-
      {%- for filename in _.nsd_reverse_filenames %}
      {{ filename }}.signed
      {%- endfor -%}