Modified to work with FreeBSD

defaults/main.yml

@@ -1,10 +1,15 @@
 ---
+bind_user: bind
+bind_group: bind
+bind_config_basepath: /etc/bind
 bind_config_master_zones: []
+bind_config_master_allow_recursion: []
 bind_config_master_allow_transfer: []
 bind_config_master_forwarders: []
 bind_config_recursion: "no"
 bind_config_slave_zones: []
 bind_config_forward_zones: []
+bind_service_name: bind9
 bind_service_state: started
 bind_service_enabled: yes
 bind_pkg_state: installed
@@ -13,3 +18,9 @@ bind_masterzones_path: "masters"
 bind_slavezones_path: "slaves"
 bind_config_listen_on: any
 bind_config_allow_query: []
+bind_root_filename: db.root
+bind_pid_file_name: '/var/run/named/named.pid'
+bind_cache_path: '/var/cache/bind'
+bind_pkgs:
+  - bind9
+  - dnsutils

files/db.local

@@ -0,0 +1,13 @@
+;
+; BIND data file for local loopback interface
+;
+$TTL    604800
+@       IN      SOA     localhost. root.localhost. (
+                              1         ; Serial
+                         604800         ; Refresh
+                          86400         ; Retry
+                        2419200         ; Expire
+                         604800 )       ; Negative Cache TTL
+;
+@       IN      NS      localhost.
+@       IN      A       127.0.0.1

tasks/main.yml

@@ -1,7 +1,29 @@
 ---
-- name: install bind packages
+- name: install bind packages (RedHat)
+  yum: pkg={{ item }} state={{ bind_pkg_state }}
+  with_items: bind_pkgs
+  when: ansible_os_family == 'RedHat'
+
+- name: install bind packages (Debian)
   apt: pkg={{ item }} state={{ bind_pkg_state }}
   with_items: bind_pkgs
+  when: ansible_os_family == 'Debian'
+
+- name: install bind packages (FreeBSD)
+  pkgng: pkg={{ item }} state=present
+  with_items: bind_pkgs
+  when: ansible_os_family == 'FreeBSD'
+
+- name: setup files
+  copy: src={{ item }} dest={{ bind_config_basepath }}/{{ item }} owner={{ bind_user }} group={{ bind_group }}
+  with_items:
+  - db.local
+
+- name: setup directories
+  file: dest={{ item }} state=directory owner={{ bind_user }} group={{ bind_group }} mode=0755
+  with_items:
+  - "{{ bind_base_zones_path }}"
+  - "{{ bind_cache_path }}"
 
 - name: setup zone directories
   file: dest={{ bind_base_zones_path }}/{{ item }} state=directory owner={{ bind_user }} group={{ bind_group }} mode=0755
@@ -17,12 +39,12 @@
   - forward
   notify: reload bind
 
-- name: configure bind
-  copy: src=named.conf dest={{ bind_config_basepath }}/named.conf owner={{ bind_user }} group={{ bind_group }} mode=0600
+- name: configure bind options
+  template: src=named.conf.options.j2 dest={{ bind_config_basepath }}/named.conf.options owner={{ bind_user }} group={{ bind_group }} mode=0644
   notify: restart bind
 
-- name: configure bind options
-  template: src=named.conf.options.j2 dest={{ bind_config_basepath }}/named.conf.options owner={{ bind_user }} group={{ bind_group }} mode=0600
+- name: configure bind
+  template: src=named.conf.j2 dest={{ bind_config_basepath }}/named.conf owner={{ bind_user }} group={{ bind_group }} mode=0644 validate='named-checkconf %s'
   notify: restart bind
 
 - name: Copy master zone files

templates/named.conf.j2

@@ -0,0 +1,45 @@
+// {{ ansible_managed }}
+//
+// This is the primary configuration file for the BIND DNS server named.
+//
+// Please read /usr/share/doc/bind9/README.Debian.gz for information on the
+// structure of BIND configuration files in Debian, *BEFORE* you customize
+// this configuration file.
+//
+// If you are just adding zones, please do that in /etc/bind/named.conf.local
+
+include "{{ bind_config_basepath }}/named.conf.options";
+
+// prime the server with knowledge of the root servers
+zone "." {
+        type hint;
+        file "{{ bind_config_basepath }}/{{ bind_root_filename }}";
+};
+
+// be authoritative for the localhost forward and reverse zones, and for
+// broadcast zones as per RFC 1912
+
+zone "localhost" {
+        type master;
+        file "{{ bind_config_basepath }}/db.local";
+};
+
+zone "127.in-addr.arpa" {
+        type master;
+        file "{{ bind_config_basepath }}/db.local";
+};
+
+zone "0.in-addr.arpa" {
+        type master;
+        file "{{ bind_config_basepath }}/db.local";
+};
+
+zone "255.in-addr.arpa" {
+        type master;
+        file "{{ bind_config_basepath }}/db.local";
+};
+
+//include "{{ bind_config_basepath }}/named.conf.local";
+include "{{ bind_config_basepath }}/named.conf.local.master";
+include "{{ bind_config_basepath }}/named.conf.local.slave";
+include "{{ bind_config_basepath }}/named.conf.local.forward";

templates/named.conf.options.j2

@@ -1,7 +1,9 @@
 // {{ ansible_managed }}
 
 options {
-        directory "/var/cache/bind";
+        directory "{{ bind_cache_path }}";
+
+        pid-file "{{ bind_pid_file_name }}";
 
         // If there is a firewall between you and nameservers you want
         // to talk to, you might need to uncomment the query-source
@@ -23,6 +25,12 @@ options {
         {% endfor %}
         };
 
+        allow-recursion {
+        {% for allow_recursion in bind_config_master_allow_recursion %}
+            {{ allow_recursion }};
+        {% endfor %}
+        };
+
         notify yes;
 
         also-notify {

vars/main.yml

@@ -1,8 +1 @@
 ---
-bind_config_basepath: /etc/bind
-bind_user: bind
-bind_group: bind
-bind_service_name: bind9
-bind_pkgs:
-  - bind9
-  - dnsutils