✨: add nsd role

roles/nsd/tasks/prerequisites.yml

@@ -0,0 +1,28 @@
+---
+
+- name: Gather facts on listening ports
+  community.general.listen_ports_facts:
+
+- name: Detect systemd-resolve
+  ansible.builtin.set_fact:
+    _systemd_resolve_enable: "{{ ansible_facts.udp_listen | selectattr('port', 'eq', 53) | selectattr('name', 'eq', 'systemd-resolve') | count > 0 }}"
+
+- name: Deactivate DNS stublistener
+  ansible.builtin.lineinfile:
+    path: /etc/systemd/resolved.conf
+    regex: '^#DNSStubListener=yes'
+    line: DNSStubListener=no
+  when: _systemd_resolve_enable
+  notify:
+    - Restart systemd-resolved
+
+- name: Force restart for stub resolver
+  ansible.builtin.meta: flush_handlers
+
+- name: Install nsd & utilities
+  ansible.builtin.package:
+    name:
+      - nsd
+      - dnsutils
+      - ldnsutils
+    state: present