DNS module fixes for CentOS, OpenBSD and Fedora.

Timo Mkinen 2012-01-20 14:00:07 +02:00
parent fa542a2bfd
commit eab2dc4626
4 changed files with 126 additions and 73 deletions


@ -12,44 +12,63 @@ class dns::server {
} }
case $operatingsystem { case $operatingsystem {
"centos","fedora": { "fedora": {
$confdir = "/var/named/chroot/etc" $chroot = ""
$confdir = "/etc/named"
}
"centos": {
case $operatingsystemrelease {
/^5\..*/: {
$chroot = "/var/named/chroot"
$confdir = "/etc"
}
default: {
$chroot = ""
$confdir = "/etc/named"
}
}
} }
"ubuntu": { "ubuntu": {
$chroot = ""
$confdir = "/etc/bind" $confdir = "/etc/bind"
} }
default: { default: {
$confdir = "/var/named/etc" $chroot = "/var/named"
$confdir = "/etc"
} }
} }
file { "${confdir}/rndc.key": case $operatingsystem {
"ubuntu": {
$group = "bind"
}
default: {
$group = "named"
}
}
file { "${chroot}${confdir}/rndc.key":
ensure => present, ensure => present,
mode => 0640, mode => 0640,
owner => "root", owner => "root",
group => $operatingsystem ? { group => $group,
"ubuntu" => "bind",
default => "named",
},
require => $operatingsystem ? { require => $operatingsystem ? {
"openbsd" => undef, "openbsd" => undef,
default => Package["bind"], default => Package["bind"],
}, },
} }
exec { "rndc-confgen": exec { "rndc-confgen":
command => "rndc-confgen -a -t ${confdir}", command => "rndc-confgen -a -t ${chroot}",
path => "/bin:/usr/bin:/sbin:/usr/sbin", path => "/bin:/usr/bin:/sbin:/usr/sbin",
unless => "test -s ${confdir}/rndc.key", unless => "test -s ${chroot}${confdir}/rndc.key",
require => File["${confdir}/rndc.key"], require => File["${chroot}${confdir}/rndc.key"],
} }
case $operatingsystem { if "${chroot}" != "" {
"centos","fedora": { file { "/etc/rndc.key":
file { "/etc/rndc.key": ensure => "${chroot}${confdir}/rndc.key",
ensure => "${confdir}/rndc.key", owner => "root",
owner => "root", group => $group,
group => "root", require => Exec["rndc-confgen"],
require => Exec["rndc-confgen"],
}
} }
} }
@ -75,33 +94,33 @@ class dns::server {
case $operatingsystem { case $operatingsystem {
"ubuntu": { "ubuntu": {
$ipaddr = $dns_listener_ipaddr $ipaddr = $dns_listener_ipaddr
file { "${confdir}/named.conf.local": file { "${chroot}${confdir}/named.conf.local":
ensure => present, ensure => present,
content => template("dns/named.conf.local.erb"), content => template("dns/named.conf.local.erb"),
mode => 0640, mode => 0640,
owner => "root", owner => "root",
group => "bind", group => $group,
require => Package["bind"], require => Package["bind"],
notify => Service["named"], notify => Service["named"],
} }
file { "${confdir}/named.conf.options": file { "${chroot}${confdir}/named.conf.options":
ensure => present, ensure => present,
content => template("dns/named.conf.options.erb"), content => template("dns/named.conf.options.erb"),
mode => 0640, mode => 0640,
owner => "root", owner => "root",
group => "bind", group => $group,
require => Package["bind"], require => Package["bind"],
notify => Service["named"], notify => Service["named"],
} }
} }
default: { default: {
file { "${confdir}/named.conf": file { "${chroot}${confdir}/named.conf":
ensure => present, ensure => present,
source => [ "puppet:///files/dns/named.conf.${fqdn}", source => [ "puppet:///files/dns/named.conf.${fqdn}",
"puppet:///files/dns/named.conf", ], "puppet:///files/dns/named.conf", ],
mode => 0640, mode => 0640,
owner => "root", owner => "root",
group => "named", group => $group,
require => $operatingsystem ? { require => $operatingsystem ? {
openbsd => undef, openbsd => undef,
default => Package["bind"], default => Package["bind"],
@ -113,7 +132,7 @@ class dns::server {
} }
# Configure interface. # Configure DNS zone.
# #
# === Parameters # === Parameters
# #
@ -126,59 +145,93 @@ class dns::server {
# $slaves: # $slaves:
# IP addresess and FQDNs or hostnames of the DNS slaves for this zone. # IP addresess and FQDNs or hostnames of the DNS slaves for this zone.
# #
define dns::zone($role = "master", $master = {}, $slaves = {}) { define dns::zone($role = "master", $master = [], $slaves = []) {
$zone = $name $zone = $name
case $role {
case $operatingsystem { "master": {
"centos","fedora": { case $operatingsystem {
$confdir = "/var/named/chroot/etc" "openbsd": {
$zonedir = "/master"
}
"fedora","centos": {
$zonedir = "/var/named"
}
"ubuntu": {
$zonedir = "/etc/bind"
}
}
} }
"ubuntu": { "slave": {
$confdir = "/etc/bind" case $operatingsystem {
"openbsd": {
$zonedir = "/slave"
}
"fedora","centos": {
$zonedir = "/var/named/slaves"
}
"ubuntu": {
$zonedir = "/var/cache/bind"
}
}
} }
default: { default: {
$confdir = "/var/named/etc" fail("Unknown DNS zone type '${role}'")
} }
} }
file { "${confdir}/zone.${zone}": file { "${dns::server::chroot}${dns::server::confdir}/zone.${zone}":
ensure => present, ensure => present,
content => template("dns/zone.$role.erb"), content => template("dns/zone.$role.erb"),
mode => 0640, mode => 0640,
owner => "root", owner => "root",
group => "bind", group => $dns::server::group,
require => Package["bind"], require => $operatingsystem ? {
"openbsd" => undef,
default => Package["bind"],
},
notify => Service["named"], notify => Service["named"],
} }
file { "${confdir}/db.${zone}":
ensure => present, if $role == "master" {
content => template("dns/db.erb"), file { "${dns::server::chroot}${zonedir}/db.${zone}":
mode => 0640, ensure => present,
owner => "root", content => template("dns/db.erb"),
group => "bind", mode => 0640,
require => Package["bind"], owner => "root",
notify => Service["named"], group => $dns::server::group,
} require => $operatingsystem ? {
file { "${confdir}/db.${zone}-dynamic": "openbsd" => undef,
ensure => present, default => Package["bind"],
source => [ "puppet:///files/dns/db.${zone}-dynamic.${homename}", },
"puppet:///modules/dns/empty", ], notify => Service["named"],
mode => 0640, }
owner => "root", file { "${dns::server::chroot}${zonedir}/db.${zone}-dynamic":
group => "bind", ensure => present,
require => Package["bind"], source => [ "puppet:///files/dns/db.${zone}-dynamic.${homename}",
notify => Service["named"], "puppet:///modules/dns/empty", ],
} mode => 0640,
file { "${confdir}/db.${zone}-static": owner => "root",
ensure => present, group => $dns::server::group,
source => [ "puppet:///files/dns/db.${zone}-static.${homename}", require => $operatingsystem ? {
"puppet:///modules/dns/empty", ], "openbsd" => undef,
mode => 0640, default => Package["bind"],
owner => "root", },
group => "bind", notify => Service["named"],
require => Package["bind"], }
notify => Service["named"], file { "${dns::server::chroot}${zonedir}/db.${zone}-static":
ensure => present,
source => [ "puppet:///files/dns/db.${zone}-static.${homename}",
"puppet:///modules/dns/empty", ],
mode => 0640,
owner => "root",
group => $dns::server::group,
require => $operatingsystem ? {
"openbsd" => undef,
default => Package["bind"],
},
notify => Service["named"],
}
} }
} }
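Review bot: On Fedora, Ubuntu and CentOS releases other than 5.x `$chroot` is now the empty string, so the `rndc-confgen` exec expands to `rndc-confgen -a -t ` with no argument for `-t`. That invocation will most likely be rejected, which leaves the `rndc.key` created by the preceding `file` resource empty and the exec retried on every run. I would select the command from `$chroot`, e.g. `command => $chroot ? { "" => "rndc-confgen -a -c ${confdir}/rndc.key", default => "rndc-confgen -a -t ${chroot}" },`. The `-c` path is my assumption that the key should be written where the manifest manages it, so please confirm against each platform's default key location.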


@ -23,5 +23,5 @@ $ORIGIN <%= zone %>.
<% end -%> <% end -%>
<% end -%> <% end -%>
$INCLUDE /etc/bind/db.<%= zone %>-dynamic $INCLUDE <%= zonedir %>/db.<%= zone %>-dynamic
$INCLUDE /etc/bind/db.<%= zone %>-static $INCLUDE <%= zonedir %>/db.<%= zone %>-static
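Review bot: `zonedir` is only assigned for openbsd, fedora/centos and ubuntu, because the inner `case $operatingsystem` blocks in `dns::zone` have no `default:` branch. On any other platform these lines would render `$INCLUDE /db.<zone>-dynamic` (or the template lookup fails), and the manifest would place the zone files directly under `${dns::server::chroot}`. The same applies to the `file "<%= zonedir %>/db.<%= zone %>";` lines in the master and slave zone templates. Adding `default: { fail("dns::zone is not supported on ${operatingsystem}") }` to both inner cases would stop the catalog instead of writing zone data to an unintended path.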


@ -1,6 +1,6 @@
zone "<%= zone %>" { zone "<%= zone %>" {
type master; type master;
file "/etc/bind/db.<%= zone %>"; file "<%= zonedir %>/db.<%= zone %>";
<% if not slaves.empty? -%> <% if not slaves.empty? -%>
allow-transfer { allow-transfer {
<% slaves.each do |slave| -%> <% slaves.each do |slave| -%>


@ -1,9 +1,9 @@
zone "<%= zone %>" { zone "<%= zone %>" {
type slave; type slave;
file "/var/cache/bind/db.<%= zone %>"; file "<%= zonedir %>/db.<%= zone %>";
masters { masters {
<% master.each do |m| -%> <% master.each do |m| -%>
<%= m['ipaddr'] %>; <%= m %>;
<% end -%> <% end -%>
}; };
}; };
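Review bot: `<%= m %>` writes each element of `master` into `masters { }` verbatim, so a caller still passing the old hash form ends up with the hash's string form in named.conf, and the new `[]` default renders an empty masters list for a slave zone. A guard inside the loop such as `<% raise Puppet::ParseError, "dns::zone: master entries must be strings" unless m.is_a?(String) -%>` would fail the catalog rather than ship a broken zone stanza. It would also help to state in the `$master` parameter documentation that the entries are expected to be IP addresses.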