{% macro yesno(val) %}{{ 'yes' if val|bool else 'no' }}{% endmacro %}
options {
{% for listen in named_listen %}
	listen-on port {{ listen.port|d(53) }} {
{% for address in listen.addresses %}
		{{ address }};
{% endfor %}
	};
{% endfor %}
{% for listen in named_listen_v6 %}
	listen-on-v6 port {{ listen.port|d(53) }} {
{% for address in listen.addresses %}
		{{ address }};
{% endfor %}
	};
{% endfor %}
	directory 	"{{ named_directory }}";
	dump-file 	"{{ named_dump_file }}";
	statistics-file "{{ named_stats_file }}";
	memstatistics-file "{{ named_memstats_file }}";
	allow-query     {
{% for match in named_allow_query %}
		{{ match }};
{% endfor %}
	};
{% if named_allow_update %}

	allow-update {
{% for match in named_allow_update %}
		{{ match }};
{% endfor %}
	};
{% endif %}

	recursion {{ yesno(named_recursion) }};
	minimal-responses yes;

	dnssec-enable {{ yesno(named_dnssec) }};
	dnssec-validation {{ yesno(named_dnssec_validation) }};
{% if named_forwarders is defined %}
{% if named_forward_only|d|bool %}
	forward only;
{% else %}
	forward first;
{% endif %}
	forwarders {
{% for host in named_forwarders %}
		{{ host }};
{% endfor %}
	};
{% endif %}

	managed-keys-directory "{{ named_managed_keys_dir }}";

	pid-file "{{ named_pid_file }}";
	session-keyfile "{{ named_session_keyfile }}";
{% if named_keytab is defined %}

	tkey-gssapi-keytab "{{ named_keytab }}";
{% endif %}
{% if named_response_policy|d %}

	response-policy {
{% for policy in named_response_policy %}
		{{ policy }};
{% endfor %}
	};
{% endif %}

{% for path in named_options_include %}
	include "{{ path }}";
{% endfor %}
};

logging {
	channel default_debug {
		syslog daemon;
		severity dynamic;
	};
{% if named_queries_syslog %}
	channel queries_syslog {
		syslog daemon;
		severity info;
	};
{% endif %}
{% if named_rpz_syslog %}
	channel rpz_syslog {
		syslog daemon;
		severity info;
	};
{% endif %}
{% if named_queries_syslog %}
	category queries { queries_syslog; };
{% endif %}
{% if named_rpz_syslog %}
	category rpz { rpz_syslog; };
{% endif %}
};

zone "." IN {
	type hint;
	file "named.ca";
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
include "/etc/named.secrets";
include "/etc/named.zones";
{% for path in named_global_include %}
include "{{ path }}";
{% endfor %}