Refactored dns::server class.

dns/templates/generate-named-conf.sh.erb

@@ -0,0 +1,58 @@
+#!/bin/sh
+
+chroot="<%= chroot %>"
+confdir="<%= confdir %>"
+operatingsystem="<%= operatingsystem %>"
+
+cat <<EOF
+include "${confdir}/named.conf.local";
+include "${confdir}/named.conf.options";
+
+view default {
+    match-clients { any; };
+EOF
+
+for name in ${chroot}${confdir}/zone.* ; do
+    echo "    include \"${confdir}/`basename ${name}`\";"
+done
+
+case $operatingsystem in
+    OpenBSD)
+        cat <<EOF
+    zone "." {
+        type hint;
+        file "/etc/root.hint";
+    };
+    zone "localhost" {
+        type master;
+        file "/standard/localhost";
+    };
+    zone "127.in-addr.arpa" {
+        type master;
+        file "/standard/loopback";
+    };
+    zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" {
+        type master;
+        file "/standard/loopback6.arpa";
+    };
+EOF
+        ;;
+    Ubuntu)
+        echo "    include \"${confdir}/named.conf.default-zones\";"
+        ;;
+    *)
+        cat <<EOF
+
+    zone "." {
+        type hint;
+        file "/var/named/named.ca";
+    };
+
+EOF
+        cat ${chroot}/etc/named.rfc1912.zones | \
+             sed -e 's%file "%file "/var/named/%' -e 's/^/    /'
+        ;;
+esac
+
+echo "};"
+echo ""

dns/templates/named.conf.local.erb

@@ -1,32 +0,0 @@
-//
-// Do any local configuration here
-//
-
-acl "xfer" {
-    none;   // Allow no transfers.  If we have other
-            // name servers, place them here.
-};
-
-acl "trusted" {
-    // Place our internal and DMZ subnets in here so that
-    // intranet and DMZ clients may send DNS queries.  This
-    // also prevents outside hosts from using our name server
-    // as a resolver for other domains.
-<% dns_client_networks.each do |network| -%>
-    <%= network %>;
-<% end -%>
-    localhost;
-};
-
-<% dns_zones.each do |zone| -%>
-    <% if zone.match(/\//) %>
-        include "/etc/bind/zone.<%= zone.sub(/\//, '-') %>";
-    <% else %>
-        include "/etc/bind/zone.<%= zone %>";
-    <% end -%>
-<% end -%>
-
-// Consider adding the 1918 zones here, if they are not used in your
-// organization
-//include "/etc/bind/zones.rfc1918";
-

dns/templates/named.conf.options.erb

@@ -1,30 +0,0 @@
-options {
-        listen-on { any; };
-        listen-on-v6 { none; };
-        allow-transfer { xfer; };
-        allow-recursion {
-               trusted;
-       };
-        # recursion yes;
-        directory "/var/cache/bind";
-        // If there is a firewall between you and nameservers you want
-        // to talk to, you might need to uncomment the query-source
-        // directive below.  Previous versions of BIND always asked
-        // questions using port 53, but BIND 8.1 and later use an unprivileged
-        // port by default.
-
-        // query-source address * port 53;
-
-        // If your ISP provided one or more IP addresses for stable
-        // nameservers, you probably want to use them as forwarders.
-        // Uncomment the following block, and insert the addresses replacing
-        // the all-0's placeholder.
-
-        // forwarders {
-        //      0.0.0.0;
-        // };
-
-        auth-nxdomain no;    # conform to RFC1035
-        version "";     // remove this to allow version queries
-};
-

dns/templates/zone.master.erb

@@ -11,7 +11,7 @@ zone "<%= zone %>" {
         <%= v['ip'] %>;
 <%     end -%>
 <% else -%>
-        none;
+        nameservers;
 <% end -%>
     };
     allow-update {