DNS module fixes for CentOS, OpenBSD and Fedora.

2012-01-20 14:00:07 +02:00 · 2012-01-20 14:00:07 +02:00 · eab2dc4626
commit eab2dc4626
parent fa542a2bfd
4 changed files with 126 additions and 73 deletions
--- a/dns/manifests/init.pp
+++ b/dns/manifests/init.pp
@ -12,44 +12,63 @@ class dns::server {
    }

    case $operatingsystem {
-        "centos","fedora": {
-            $confdir = "/var/named/chroot/etc"
+        "fedora": {
+            $chroot = ""
+            $confdir = "/etc/named"
+        }
+        "centos": {
+            case $operatingsystemrelease {
+                /^5\..*/: {
+                    $chroot = "/var/named/chroot"
+                    $confdir = "/etc"
+                }
+                default: {
+                    $chroot = ""
+                    $confdir = "/etc/named"
+                }
+            }
        }
        "ubuntu": {
+            $chroot = ""
            $confdir = "/etc/bind"
        }
        default: {
-            $confdir = "/var/named/etc"
+            $chroot = "/var/named"
+            $confdir = "/etc"
        }
    }

-    file { "${confdir}/rndc.key": 
+    case $operatingsystem {
+        "ubuntu": {
+            $group = "bind"
+        }
+        default: {
+            $group = "named"
+        }
+    }
+
+    file { "${chroot}${confdir}/rndc.key": 
        ensure  => present,
        mode    => 0640,
        owner   => "root",
-        group   => $operatingsystem ? {
-            "ubuntu" => "bind",
-            default  => "named",
-        },
+        group   => $group,
        require => $operatingsystem ? {
            "openbsd" => undef,
            default   => Package["bind"],
        },
    }
    exec { "rndc-confgen":
-        command => "rndc-confgen -a -t ${confdir}",
+        command => "rndc-confgen -a -t ${chroot}",
        path    => "/bin:/usr/bin:/sbin:/usr/sbin",
-        unless  => "test -s ${confdir}/rndc.key",
-        require => File["${confdir}/rndc.key"],
+        unless  => "test -s ${chroot}${confdir}/rndc.key",
+        require => File["${chroot}${confdir}/rndc.key"],
    }
-    case $operatingsystem {
-        "centos","fedora": {
-            file { "/etc/rndc.key":
-                ensure  => "${confdir}/rndc.key",
-                owner   => "root",
-                group   => "root",
-                require => Exec["rndc-confgen"],
-            }
+    if "${chroot}" != "" {
+        file { "/etc/rndc.key":
+            ensure  => "${chroot}${confdir}/rndc.key",
+            owner   => "root",
+            group   => $group,
+            require => Exec["rndc-confgen"],
        }
    }

@ -75,33 +94,33 @@ class dns::server {
    case $operatingsystem {
        "ubuntu": {
            $ipaddr = $dns_listener_ipaddr
-            file { "${confdir}/named.conf.local":
+            file { "${chroot}${confdir}/named.conf.local":
                ensure  => present,
-                content  => template("dns/named.conf.local.erb"),
+                content => template("dns/named.conf.local.erb"),
                mode    => 0640,
                owner   => "root",
-                group   => "bind",
+                group   => $group,
                require => Package["bind"],
                notify  => Service["named"],
            }
-            file { "${confdir}/named.conf.options":
+            file { "${chroot}${confdir}/named.conf.options":
                ensure  => present,
-                content  => template("dns/named.conf.options.erb"),
+                content => template("dns/named.conf.options.erb"),
                mode    => 0640,
                owner   => "root",
-                group   => "bind",
+                group   => $group,
                require => Package["bind"],
                notify  => Service["named"],
            }
        }
        default: {
-            file { "${confdir}/named.conf":
+            file { "${chroot}${confdir}/named.conf":
                ensure  => present,
                source  => [ "puppet:///files/dns/named.conf.${fqdn}",
                             "puppet:///files/dns/named.conf", ],
                mode    => 0640,
                owner   => "root",
-                group   => "named",
+                group   => $group,
                require => $operatingsystem ? {
                    openbsd => undef,
                    default => Package["bind"],
@ -113,7 +132,7 @@ class dns::server {
 }


-# Configure interface.
+# Configure DNS zone.
 #
 # === Parameters
 #
@ -126,59 +145,93 @@ class dns::server {
 # $slaves:
 #      IP addresess and FQDNs or hostnames of the DNS slaves for this zone.
 #
-define dns::zone($role = "master", $master = {}, $slaves = {}) {
+define dns::zone($role = "master", $master = [], $slaves = []) {

    $zone = $name
-
-    case $operatingsystem {
-        "centos","fedora": {
-            $confdir = "/var/named/chroot/etc"
+    case $role {
+        "master": {
+            case $operatingsystem {
+                "openbsd": {
+                    $zonedir = "/master"
+                }
+                "fedora","centos": {
+                    $zonedir = "/var/named"
+                }
+                "ubuntu": {
+                    $zonedir = "/etc/bind"
+                }
+            }
        }
-        "ubuntu": {
-            $confdir = "/etc/bind"
+        "slave": {
+            case $operatingsystem {
+                "openbsd": {
+                    $zonedir = "/slave"
+                }
+                "fedora","centos": {
+                    $zonedir = "/var/named/slaves"
+                }
+                "ubuntu": {
+                    $zonedir = "/var/cache/bind"
+                }
+            }
        }
        default: {
-            $confdir = "/var/named/etc"
+            fail("Unknown DNS zone type '${role}'")
        }
    }

-    file { "${confdir}/zone.${zone}":
-        ensure => present,
+    file { "${dns::server::chroot}${dns::server::confdir}/zone.${zone}":
+        ensure  => present,
        content => template("dns/zone.$role.erb"),
        mode    => 0640,
        owner   => "root",
-        group   => "bind",
-        require => Package["bind"],
+        group   => $dns::server::group,
+        require => $operatingsystem ? {
+            "openbsd" => undef,
+            default   => Package["bind"],
+        },
        notify  => Service["named"],
    }
-    file { "${confdir}/db.${zone}":
-        ensure => present,
-        content => template("dns/db.erb"),
-        mode    => 0640,
-        owner   => "root",
-        group   => "bind",
-        require => Package["bind"],
-        notify  => Service["named"],
-    }
-    file { "${confdir}/db.${zone}-dynamic":
-        ensure => present,
-        source => [ "puppet:///files/dns/db.${zone}-dynamic.${homename}",
-                    "puppet:///modules/dns/empty", ],
-        mode    => 0640,
-        owner   => "root",
-        group   => "bind",
-        require => Package["bind"],
-        notify  => Service["named"],
-    }
-    file { "${confdir}/db.${zone}-static":
-        ensure => present,
-        source => [ "puppet:///files/dns/db.${zone}-static.${homename}",
-                    "puppet:///modules/dns/empty", ],
-        mode    => 0640,
-        owner   => "root",
-        group   => "bind",
-        require => Package["bind"],
-        notify  => Service["named"],
+
+    if $role == "master" {
+        file { "${dns::server::chroot}${zonedir}/db.${zone}":
+            ensure  => present,
+            content => template("dns/db.erb"),
+            mode    => 0640,
+            owner   => "root",
+            group   => $dns::server::group,
+            require => $operatingsystem ? {
+                "openbsd" => undef,
+                default   => Package["bind"],
+            },
+            notify  => Service["named"],
+        }
+        file { "${dns::server::chroot}${zonedir}/db.${zone}-dynamic":
+            ensure  => present,
+            source  => [ "puppet:///files/dns/db.${zone}-dynamic.${homename}",
+                         "puppet:///modules/dns/empty", ],
+            mode    => 0640,
+            owner   => "root",
+            group   => $dns::server::group,
+            require => $operatingsystem ? {
+                "openbsd" => undef,
+                default   => Package["bind"],
+            },
+            notify  => Service["named"],
+        }
+        file { "${dns::server::chroot}${zonedir}/db.${zone}-static":
+            ensure  => present,
+            source  => [ "puppet:///files/dns/db.${zone}-static.${homename}",
+                         "puppet:///modules/dns/empty", ],
+            mode    => 0640,
+            owner   => "root",
+            group   => $dns::server::group,
+            require => $operatingsystem ? {
+                "openbsd" => undef,
+                default   => Package["bind"],
+            },
+            notify  => Service["named"],
+        }
    }

 }
--- a/dns/templates/db.erb
+++ b/dns/templates/db.erb
@ -23,5 +23,5 @@ $ORIGIN <%= zone %>.
  <% end -%>
 <% end -%>

-$INCLUDE /etc/bind/db.<%= zone %>-dynamic
-$INCLUDE /etc/bind/db.<%= zone %>-static
+$INCLUDE <%= zonedir %>/db.<%= zone %>-dynamic
+$INCLUDE <%= zonedir %>/db.<%= zone %>-static
--- a/dns/templates/zone.master.erb
+++ b/dns/templates/zone.master.erb
@ -1,6 +1,6 @@
 zone "<%= zone %>" {
        type master;
-        file "/etc/bind/db.<%= zone %>";
+        file "<%= zonedir %>/db.<%= zone %>";
    <% if not slaves.empty? -%>
        allow-transfer {
      <% slaves.each do |slave| -%>
--- a/dns/templates/zone.slave.erb
+++ b/dns/templates/zone.slave.erb
@ -1,9 +1,9 @@
 zone "<%= zone %>" {
        type slave;
-        file "/var/cache/bind/db.<%= zone %>";
+        file "<%= zonedir %>/db.<%= zone %>";
        masters {
        <% master.each do |m| -%>
-        <%= m['ipaddr'] %>;
+        <%= m %>;
        <% end -%>
        };
 };