# vim: sts=2 ts=2 sw=2 et ai
//
// Do any local configuration here
//

// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";

{% for name, data in salt['pillar.get']('bind:configured_acls', {})|dictsort %}
acl {{ name }} {
  {%- for d in data %}
  {{ d }};
  {%- endfor %}
};
{%- endfor %}

{%- for name, data in salt['pillar.get']('bind:configured_masters', {})|dictsort %}
masters {{ name }} {
  {%- for d in data %}
  {{ d }};
  {%- endfor %}
};
{%- endfor %}

{%- macro zone(key, args, file, masters) %}
zone "{{ key }}" {
  type {{ args['type'] }};
  {% if args['type'] == 'forward' -%}
    {% if args['forward'] is defined -%}
       forward {{ args['forward'] }};
    {%- endif %}
  forwarders {
    {% for forwarder in args.forwarders -%}
      {{ forwarder }};
    {%- endfor %}
  };
  {% else -%}
  {% if args['dnssec'] is defined and args['dnssec'] -%}
  file "{{ zones_directory }}/{{ file }}.signed";
  {% else -%}
  file "{{ zones_directory }}/{{ file }}";
  {%- endif %}
  {% if args['auto-dnssec'] is defined -%}
  auto-dnssec {{ args['auto-dnssec'] }};
  inline-signing yes;
  {%- endif %}
  {%- if args['allow-update'] is defined %}
  allow-update { {{ args['allow-update'] }}; };
  {%- endif %}
  {%- if args.update_policy is defined %}
  update-policy {
  {%-   for policy in args.update_policy %}
    {{ policy }};
  {%- endfor %}
  };
  {%- endif %}
  {%- if args['allow-transfer'] is defined %}
  allow-transfer { {{ args.get('allow-transfer', []) | join('; ') }}; };
  {%- endif %}
  {%- if args['also-notify'] is defined %}
  also-notify { {{ args.get('also-notify', []) | join('; ') }}; };
  {%- endif %}
  {%- if args['allow-query'] is defined %}
  allow-query { {{ args.get('allow-query', []) | join('; ') }}; };
  {%- endif %}
  {%- if args['zone-statistics'] is defined %}
  zone-statistics yes;
  {%- endif %}
  {%- if args['type'] == "master" -%}
    {% if args['notify'] %}
  notify yes;
    {% else %}
  notify no;
    {%- endif -%}
  {% else %}
  notify no;
  {%- if masters is iterable and masters is not string %}
  masters {
    {%- for item in masters %}
    {{ item }};
    {%- endfor %}
  };
  {%- else %}
    masters { {{ masters }} };
  {%- endif %}
  {%- endif %}
  {%- endif %}
};
{%- endmacro %}

{%- if salt['pillar.get']('bind:configured_views', {}) is not defined %}
include "{{ map.default_zones_config }}";
{%- endif %}

{% for key, args in salt['pillar.get']('bind:configured_zones', {})|dictsort -%}
{%- if salt['pillar.get']("bind:configured_zones:" + key + ":file") -%}
{%- set file = salt['pillar.get']("bind:configured_zones:" + key + ":file") %}
{% else %}
{%- set file = salt['pillar.get']("bind:available_zones:" + key + ":file") %}
{%- endif -%}

{%- if salt['pillar.get']("bind:configured_zones:" + key + ":masters") -%}
{%- set masters = salt['pillar.get']("bind:configured_zones:" + key + ":masters") %}
{% else %}
{%- set masters = salt['pillar.get']("bind:available_zones:" + key + ":masters") %}
{%- endif -%}
{{ zone(key, args, file, masters) }}
{% endfor %}

{%- for view, view_data in salt['pillar.get']('bind:configured_views', {})|dictsort %}

view {{ view }} {
{%- if view == 'default' %}
  include "{{ map.default_zones_config }}";
{%- endif %}
    match-clients {
{%- for acl in view_data.get('match_clients', {}) %}
        {{ acl }};
{%- endfor %}
    };

{%- for key, args in view_data.get('configured_zones', {})|dictsort -%}
{%- if 'file' in args %}
{%-   set file = args.file %}
{%- else %}
{%-   set file = salt['pillar.get']("bind:available_zones:" + key + ":file") %}
{%- endif %}
{%- set masters = salt['pillar.get']("bind:available_zones:" + key + ":masters") %}
        {{ zone(key, args, file, masters) }}
{%- endfor %}
};
{%- endfor %}

{%- if salt['pillar.get']('bind:config:enable_logging', True) %}
{%- if salt['pillar.get']('bind:config:use_extensive_logging', False) %}
include "{{ map.logging_config }}";
{% else %}
logging {
  channel "querylog" {
    file "{{ map.log_dir }}/query.log";
    print-time yes;
  };
  category queries { querylog; };
};
{%- endif %}
{%- endif %}

{%- if salt['pillar.get']('bind:controls', False) %}
controls {
    {%- for name, control in salt['pillar.get']('bind:controls')|dictsort if control.get('enabled', True) %}
    inet {{ control.get('bind', {}).get('address', '127.0.0.1') }} port {{ control.get('bind', {}).get('port', 953) }}
    {%- if control.get('allow') %}
    allow {
        {%- for allow in control.allow %}
        {{ allow }};
        {%- endfor %}
    }
    {%- endif %}
    {%- if control.get('keys') %}
    keys {
        {%- for key in control.get('keys') %}
        {{ key }};
        {%- endfor %}
    }
    {%- endif %};
    {%- endfor %}
};
{%- endif %}

{%- if salt['pillar.get']('bind:statistics', False) %}
statistics-channels {
    {%- for name, channel in salt['pillar.get']('bind:statistics')|dictsort if channel.get('enabled', True) %}
    inet {{ channel.get('bind', {}).get('address', '127.0.0.1') }} port {{ channel.get('bind', {}).get('port', 953) }}
    {%- if channel.get('allow') %}
    allow {
        {%- for allow in channel.allow %}
        {{ allow }};
        {%- endfor %}
    }
    {%- endif %};
    {%- endfor %}
};
{%- endif %}