---
- name: Install knot
  become: yes
  apt:
    update_cache: yes
    pkg:
    - knot
    - knot-dnsutils

- name: Start knot
  become: yes
  service:
    name: knot
    state: started
    enabled: yes

- name: Generate tsig
  become: yes
  shell:
    cmd: "keymgr -t {{ key_name }} > /etc/knot/{{ key_name }}.key"
    creates: "/etc/knot/{{ key_name }}.key"
  run_once: True

- name: Fetch key
  become: yes
  ansible.builtin.slurp:
    src: /etc/knot/{{ key_name }}.key
  register: tsig_key
  run_once: True

- name: Populate key to all host
  set_fact:
    tsig_key_content: "{{ tsig_key['content'] | b64decode }}"
  run_once: True
  with_items: "{{ play_hosts }}"
  delegate_to: "{{ item }}"

- name: Deploy conf
  become: yes
  template:
    src: knot.conf.j2
    dest: /etc/knot/knot.conf
  notify: reload knot