role_dnsmasq/tasks/configuration.yml

---
# tasks file for security

- name: Create records directory
  ansible.builtin.file:
    path: /srv/dnsmasq
    state: directory
    owner: dnsmasq
    group: root
    mode: u=rwX,g=rX,o=rX
  become: true

- name: Remove old configuration
  ansible.builtin.file:
    path: /etc/dnsmasq.d/cache.conf
    state: absent
  become: true

- name: Deploy configuration
  ansible.builtin.template:
    src: dnsmasq.conf.j2
    dest: /etc/dnsmasq.d/dns.conf
    owner: root
    group: root
    mode: u=rw,g=r,o=r
  become: true
  notify: Reload dnsmasq.service

- name: Deploy local host configuration
  ansible.builtin.template:
    src: host.conf.j2
    dest: /srv/dnsmasq/{{ inventory_hostname }}.conf
    owner: dnsmasq
    group: root
    mode: u=rw,g=r,o=r
  become: true
  notify: Reload dnsmasq.service

- name: Deploy specific configuration
  ansible.builtin.template:
    src: specific.conf.j2
    dest: "{{ filename }}"
    owner: dnsmasq
    group: root
    mode: u=rw,g=r,o=r
  when: dnsmasq_specifics | length > 0
  become: true
  notify: Reload dnsmasq.service
  loop: "{{ dnsmasq_specifics }}"
  loop_control:
    label: "{{ filename }}"
  vars:
    filename: /srv/dnsmasq/{{ item.hostname }}.conf