<?xml version='1.0' encoding='UTF-8'?>
<rougail version="0.10">
  <services>
    <service name="nsd" target="multi-user">
      <override engine="none"/>
      <ip ip_type="variable">nsd_allowed_all_client</ip>
      <file engine="ansible">/etc/nsd/conf.d/risotto.conf</file>
      <file engine="ansible" file_type="variable" source="nsd.zone" variable="nsd_zones" included="content">nsd_zone_filenames</file>
      <file engine="ansible" file_type="variable" source="nsd.signed" variable="nsd_zone_filenames">nsd_zone_filenames_signed</file>
      <file engine="ansible" file_type="variable" source="nsd.reverse" variable="nsd_reverse_names" included="content">nsd_reverse_filenames</file>
      <file engine="ansible" file_type="variable" source="nsd.signed" variable="nsd_reverse_filenames">nsd_reverse_filenames_signed</file>
      <file engine="none" source="sysuser-nsd.conf">/sysusers.d/0nsd.conf</file>
      <file engine="none" source="tmpfile-nsd.conf">/tmpfiles.d/0nsd.conf</file>
      <file engine="ansible" filelist="copy_tests">/tests/nsd.yml</file>
    </service>
  </services>
  <variables>
    <family name="network">
      <variable name="dns_client_address" redefine="True" disabled="True"/>
      <variable name="ip_dns" redefine="True" remove_fill="True"/>
    </family>
    <family name="dns_server" description="Serveur DNS">
      <variable name="nsd_allowed_client_cidr" type="network_cidr" description="Clients autorisés à interroger le serveur DNS" multi="True"/>
      <variable name="nsd_resolver" type="domainname" description="Nom de domaine du résolveur DNS associé"/>
      <variable name="nsd_allowed_all_client" type="network_cidr" description="All autorised IP" multi="True" hidden="True"/>
    </family>
    <family name="dns_zone" description="Zone DNS">
      <variable name="nsd_zones" type="domainname" description="Zones DNS" multi="True" mandatory="True"/>
    </family>
    <family name="dns_reverses" description="Zone DNS reverse" leadership="True">
      <variable name="nsd_reverse_network" description="Réseau pour la résolution reverse" type="network_cidr" multi="True"/>
      <variable name="nsd_reverse_name" description="Nom de la zone" hidden="True"/>
    </family>
    <variable name="nsd_reverse_networks" description="Réseaux pour la résolution inverse" hidden="True" multi="True"/>
    <variable name="nsd_reverse_names" description="Nom des zones" hidden="True" multi="True"/>
    <variable name="nsd_zones_all" type="domainname" multi="True" supplier="ExternalDNS:authority_zones" hidden="True"/>
    <variable name="nsd_zone_filenames" type="filename" description="Nom des fichiers de zone" multi="True" hidden="True"/>
    <variable name="nsd_zone_filenames_signed" type="filename" description="Nom des fichiers de zone signé" multi="True" hidden="True"/>
    <variable name="nsd_reverse_filenames" type="filename" description="Nom des fichiers de zone reverse" multi="True" hidden="True"/>
    <variable name="nsd_reverse_filenames_signed" type="filename" description="Nom des fichiers de zone reverse signé" multi="True" hidden="True"/>
  </variables>
  <constraints>
    <fill name="calc_value">
      <param type="variable">ip_eth0</param>
      <target>ip_dns</target>
    </fill>
    <fill name="nsd_concat_lists">
      <param type="variable">nsd_zones</param>
      <param type="variable">nsd_reverse_name</param>
      <target>nsd_zones_all</target>
    </fill>
    <fill name="nsd_concat_lists">
      <param type="variable">ip_eth</param>
      <param type="variable">nsd_allowed_client_cidr</param>
      <param type="variable" optional="True">nsd_allowed_client_ip</param>
      <param type="variable" name="ip" optional="True">nsd_resolve_ip</param>
      <param type="boolean" name="cidr">True</param>
      <target>nsd_allowed_all_client</target>
    </fill>
    <fill name="get_reverse_name">
      <param type="variable">nsd_reverse_network</param>
      <target>nsd_reverse_name</target>
    </fill>
    <fill name="calc_reverse_networks">
      <param type="variable">nsd_reverse_network</param>
      <target>nsd_reverse_networks</target>
    </fill>
    <fill name="calc_reverse_names">
      <param type="variable">nsd_reverse_name</param>
      <target>nsd_reverse_names</target>
    </fill>
    <fill name="calc_value">
      <param>/etc/nsd/</param>
      <param type="variable">nsd_zones</param>
      <param>.zone</param>
      <param name="join"></param>
      <param name="multi" type="boolean">True</param>
      <target>nsd_zone_filenames</target>
    </fill>
    <fill name="calc_value">
      <param type="variable">nsd_zone_filenames</param>
      <param>.signed</param>
      <param name="join"></param>
      <param name="multi" type="boolean">True</param>
      <target>nsd_zone_filenames_signed</target>
    </fill>
    <fill name="calc_value">
      <param>/etc/nsd/</param>
      <param type="variable">nsd_reverse_name</param>
      <param>reverse</param>
      <param name="remove_duplicate_value" type="boolean">True</param>
      <param name="join"></param>
      <param name="multi" type="boolean">True</param>
      <target>nsd_reverse_filenames</target>
    </fill>
    <fill name="calc_value">
      <param type="variable">nsd_reverse_filenames</param>
      <param>.signed</param>
      <param name="join"></param>
      <param name="multi" type="boolean">True</param>
      <target>nsd_reverse_filenames_signed</target>
    </fill>
  </constraints>
</rougail>