Added initial support for dynamic dns zones

2012-06-11 14:21:06 +03:00 · 2012-06-11 14:21:06 +03:00 · 16e92d694f
commit 16e92d694f
parent 347ce1c2c2
2 changed files with 63 additions and 10 deletions
--- a/dns/manifests/init.pp
+++ b/dns/manifests/init.pp
@ -220,7 +220,7 @@ class dns::server::ldap inherits dns::server {
 # $name:
 #      Zone name.
 # $role:
-#       The role {master, slave} of this host.
+#       The role {master, slave, dynamic} of this host.
 # $master:
 #      IP address of DNS master for this zone if role is slave.
 #      IP address and FQDN of DNS master for this zone if running as
@ -230,8 +230,13 @@ class dns::server::ldap inherits dns::server {
 #      Required only when using autogenrated zones.
 # $source:
 #      Source file to use for zone. Defaults to auto.
+# $key:
+#      Key for dynamic zones.
+# $keytype:
+#      Key algorithm. Defaults to 'hmac-md5'.
 #
-define dns::zone($role = "master", $master = "", $slaves = [], $source = "AUTO") {
+define dns::zone($role = "master", $master = "", $slaves = [],
+                 $source = "AUTO", $key = "none", $keytype = "hmac-md5") {

    $tmpname = regsubst($name, '([^/]+/)?([0-9]+)/([0-9\.]+\.in-addr\.arpa)', '\1\2-\3')
    case dirname($tmpname) {
@ -255,6 +260,22 @@ define dns::zone($role = "master", $master = "", $slaves = [], $source = "AUTO")
                }
            }
        }
+        "dynamic": {
+            if $key == "none" {
+                fail("No key defined for dns::zone '${name}'")
+            }
+            case $operatingsystem {
+                "openbsd": {
+                    $zonedir = "/dynamic/${view}"
+                }
+                "fedora","centos": {
+                    $zonedir = "/var/named/dynamic/${view}"
+                }
+                "ubuntu": {
+                    $zonedir = "/etc/bind/dynamic/${view}"
+                }
+            }
+        }
        "slave": {
            if $master == "" {
                fail("No master defined for dns::zone '${name}'")
@ -286,14 +307,21 @@ define dns::zone($role = "master", $master = "", $slaves = [], $source = "AUTO")
                before => File["${dns::server::chroot}${dns::server::confdir}/${view}zone.${zone}"],
            }
        }
+    }
+
    if !defined(File["${dns::server::chroot}${zonedir}"]) {
        file { "${dns::server::chroot}${zonedir}":
            ensure => directory,
-                mode   => "0750",
+            mode   => $role ? {
+                "master" => "0750",
+                default  => "0770",
+            },
            owner  => "root",
            group  => $dns::server::group,
-                before => File["${dns::server::chroot}${zonedir}db.${zone}"],
-            }
+            before => $role ? {
+                "master" => File["${dns::server::chroot}${zonedir}db.${zone}"],
+                default  => undef,
+            },
        }
    }

--- a/dns/templates/zone.dynamic.erb
+++ b/dns/templates/zone.dynamic.erb
@ -0,0 +1,25 @@
+key "<%= zone %>" {
+    algorithm <%= keytype %>;
+    secret "<%= key %>";
+};
+
+zone "<%= zone %>" {
+    type master;
+<% if zone.match(/\//) -%>
+    file "<%= zonedir %>/db.<%= zone.sub(/\//, '-') %>";
+<% else -%>
+    file "<%= zonedir %>/db.<%= zone %>";
+<% end -%>
+    allow-transfer {
+<% if slaves != [] -%>
+<%     slaves.each_pair do |k, v| -%>
+        <%= v['ip'] %>;
+<%     end -%>
+<% else -%>
+        nameservers;
+<% end -%>
+    };
+    allow-update {
+        key <%= zone %>;
+    };
+};