Fix permission

files/signzone

@@ -18,5 +18,7 @@ echo "Signing zone for ${DOMAIN}"
 ldns-signzone -n -p ${arg} -s "$(head /dev/urandom | tr -dc A-Za-z0-9 | sha1sum | head -c 30)" \
   -f "${DOMAIN}.zone.signed" "${DOMAIN}.zone" "K${DOMAIN}.zsk" "K${DOMAIN}.ksk"
 
+chown nsd:nsd "${DOMAIN}.zone.signed"
+
 updatezone "$DOMAIN"
 exit 0

tasks/configure.yml

@@ -12,6 +12,9 @@
   file:
     path: /etc/nsd/zones
     state: directory
+    owner: root
+    group: root
+    mode: '0755'
 
 - name: Install nsd
   apt: 

tasks/main.yml

@@ -30,6 +30,8 @@
     src: zone.j2
     dest: "/etc/nsd/zones/{{ item.name }}.zone"
     mode: '0640'
+    owner: nsd
+    group: nsd
   loop: "{{ dns_zones }}"
   when: "dns_zones is defined"