# Install DNS server.
#
class dns::server {
    # OpenBSD ships BIND in the base system; everywhere else it is a package.
    if $operatingsystem != "OpenBSD" {
        $bind_pkg = $operatingsystem ? {
            "ubuntu" => "bind9",
            default  => "bind-chroot",
        }
        package { "bind":
            name => $bind_pkg,
        }
    }

    # Platform layout: chroot prefix (empty when named is not chrooted), the
    # directory holding named's configuration, and the group named runs as.
    # dns::zone reads these as $dns::server::chroot / confdir / group, so the
    # three names are part of this class's interface.  Only CentOS 5 still
    # uses the bind-chroot tree under /var/named/chroot.
    case $operatingsystem {
        "fedora": {
            $chroot  = ""
            $confdir = "/etc/named"
            $group   = "named"
        }
        "centos": {
            case $operatingsystemrelease {
                /^5\..*/: {
                    $chroot  = "/var/named/chroot"
                    $confdir = "/etc"
                }
                default: {
                    $chroot  = ""
                    $confdir = "/etc/named"
                }
            }
            $group = "named"
        }
        "ubuntu": {
            $chroot  = ""
            $confdir = "/etc/bind"
            $group   = "bind"
        }
        default: {
            $chroot  = "/var/named"
            $confdir = "/etc"
            $group   = "named"
        }
    }

    # The rndc control key.  Puppet creates the (initially empty) file with
    # mode 0640 root:$group before rndc-confgen fills it in, so the secret is
    # readable by root and the named group only.  The key is generated on the
    # host itself and never passes through the catalog.
    $rndc_key = "${chroot}${confdir}/rndc.key"
    file { $rndc_key:
        ensure  => present,
        mode    => 0640,
        owner   => "root",
        group   => $group,
        require => $operatingsystem ? {
            "openbsd" => undef,
            default   => Package["bind"],
        },
    }

    # Generate the key only while the file is still empty (test -s), so an
    # existing key is never silently replaced.  With a chroot, -t makes
    # rndc-confgen write the key relative to the chroot as well.
    $confgen_chroot = $chroot ? {
        ""      => "",
        default => " -t ${chroot}",
    }
    exec { "rndc-confgen":
        command => "rndc-confgen -r /dev/urandom -a${confgen_chroot}",
        path    => "/bin:/usr/bin:/sbin:/usr/sbin",
        unless  => "test -s ${rndc_key}",
        require => File[$rndc_key],
    }

    # Outside the chroot, rndc(8) expects the key at /etc/rndc.key; point it
    # at the single copy inside the chroot.
    if $chroot != "" {
        file { "/etc/rndc.key":
            ensure  => $rndc_key,
            owner   => "root",
            group   => $group,
            require => Exec["rndc-confgen"],
        }
    }

    # The service is checked through rndc, hence the dependency on the key.
    # OpenBSD has no init script for named, so start/stop are spelled out.
    $svc_name = $operatingsystem ? {
        "ubuntu" => "bind9",
        default  => "named",
    }
    service { "named":
        name    => $svc_name,
        ensure  => running,
        enable  => true,
        status  => "/usr/sbin/rndc status",
        stop    => $operatingsystem ? {
            "openbsd" => "pkill -u named",
            default   => undef,
        },
        start   => $operatingsystem ? {
            "openbsd" => "/usr/sbin/named",
            default   => undef,
        },
        require => Exec["rndc-confgen"],
    }

    # Configuration.  Ubuntu keeps the distribution named.conf and gets
    # named.conf.local / named.conf.options rendered from templates (the
    # templates are expected to use $ipaddr, taken from the global
    # $dns_listener_ipaddr); other platforms receive a complete named.conf
    # from the files share, host-specific copy first.
    case $operatingsystem {
        "ubuntu": {
            $ipaddr = $dns_listener_ipaddr
            file { "${chroot}${confdir}/named.conf.local":
                ensure  => present,
                content => template("dns/named.conf.local.erb"),
                mode    => 0640,
                owner   => "root",
                group   => $group,
                require => Package["bind"],
                notify  => Service["named"],
            }
            file { "${chroot}${confdir}/named.conf.options":
                ensure  => present,
                content => template("dns/named.conf.options.erb"),
                mode    => 0640,
                owner   => "root",
                group   => $group,
                require => Package["bind"],
                notify  => Service["named"],
            }
        }
        default: {
            # Fedora and CentOS >= 6 read /etc/named.conf even though the
            # rest of the configuration lives under $confdir.
            case $operatingsystem {
                "fedora": {
                    $named_conf = "/etc/named.conf"
                }
                "centos": {
                    $named_conf = $operatingsystemrelease ? {
                        /^5\..*/ => "${chroot}${confdir}/named.conf",
                        default  => "/etc/named.conf",
                    }
                }
                default: {
                    $named_conf = "${chroot}${confdir}/named.conf"
                }
            }
            file { "named.conf":
                path    => $named_conf,
                ensure  => present,
                source  => [ "puppet:///files/dns/named.conf.${fqdn}",
                             "puppet:///files/dns/named.conf", ],
                mode    => 0640,
                owner   => "root",
                group   => $group,
                require => $operatingsystem ? {
                    "openbsd" => undef,
                    default   => Package["bind"],
                },
                notify  => Service["named"],
            }
        }
    }
}
# Configure DNS zone.
#
# === Parameters
#
# $name:
# Zone name.
# $role:
# The role {master, slave} of this host.
# $master:
# IP address and FQDN or hostname of the DNS master for this zone.
# $slaves:
# IP addresses and host names of the DNS slaves for this zone.
# $source:
# Source file to use for zone. Defaults to auto.
#
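define dns::zone($role = "master", $master = [], $slaves = [], $source = "AUTO") {
    # Requires dns::server in the catalog: the paths below are built from
    # $dns::server::chroot/confdir/group and every file notifies
    # Service["named"].
    #
    # $master and $slaves are not used directly here; presumably they are
    # consumed by the zone.<role>.erb template.
    $zone = $name

    # $role is validated here before it is interpolated into the template
    # name below, so only zone.master.erb / zone.slave.erb can be selected.
    case $role {
        "master": {
            case $operatingsystem {
                "openbsd": {
                    $zonedir = "/master"
                }
                "fedora","centos": {
                    $zonedir = "/var/named"
                }
                "ubuntu": {
                    $zonedir = "/etc/bind"
                }
            }
        }
        "slave": {
            case $operatingsystem {
                "openbsd": {
                    $zonedir = "/slave"
                }
                "fedora","centos": {
                    $zonedir = "/var/named/slaves"
                }
                "ubuntu": {
                    $zonedir = "/var/cache/bind"
                }
            }
        }
        default: {
            fail("Unknown DNS zone type '${role}'")
        }
    }

    # The zone name becomes part of a file name.  Classless in-addr.arpa
    # delegations ("0/25.1.168.192.in-addr.arpa") contain '/', which is
    # mapped to '-'.  The 'G' flag replaces every occurrence; without it only
    # the first '/' was rewritten and any further one would have ended up as
    # a directory separator in the path.  $name is still taken from the
    # manifest as-is, so keep it to a plain zone name (no '..', no leading '/').
    $zonefile = regsubst($zone, '\/', '-', 'G')

    # Per-zone configuration fragment rendered from the role template.
    file { "${dns::server::chroot}${dns::server::confdir}/zone.${zonefile}":
        ensure  => present,
        content => template("dns/zone.$role.erb"),
        mode    => 0640,
        owner   => "root",
        group   => $dns::server::group,
        require => $operatingsystem ? {
            "openbsd" => undef,
            default   => Package["bind"],
        },
        notify  => Service["named"],
    }

    # Only a master carries zone data; a slave's zonedir is written by named.
    if $role == "master" {
        if $source != "AUTO" {
            # Caller-supplied zone file, used verbatim.
            file { "${dns::server::chroot}${zonedir}/db.${zonefile}":
                ensure  => present,
                source  => $source,
                mode    => 0640,
                owner   => "root",
                group   => $dns::server::group,
                require => $operatingsystem ? {
                    "openbsd" => undef,
                    default   => Package["bind"],
                },
                notify  => Service["named"],
            }
        } else {
            # Generated zone: a templated header plus two companion files,
            # presumably $INCLUDEd by db.erb — confirm against the template.
            file { "${dns::server::chroot}${zonedir}/db.${zonefile}":
                ensure  => present,
                content => template("dns/db.erb"),
                mode    => 0640,
                owner   => "root",
                group   => $dns::server::group,
                require => $operatingsystem ? {
                    "openbsd" => undef,
                    default   => Package["bind"],
                },
                notify  => Service["named"],
            }
            # Records derived from facts.  generate() runs the script on the
            # puppetmaster at catalog compile time, with $homename and $zone
            # passed as separate arguments (no shell interpolation).
            file { "${dns::server::chroot}${zonedir}/db.${zonefile}-dynamic":
                ensure  => present,
                content => generate(
                    "/bin/sh",
                    "/etc/puppet/modules/dns/files/create_dynamic_records.sh",
                    $homename,
                    $zone),
                mode    => 0640,
                owner   => "root",
                group   => $dns::server::group,
                require => $operatingsystem ? {
                    "openbsd" => undef,
                    default   => Package["bind"],
                },
                notify  => Service["named"],
            }
            # Hand-maintained records from the files share; an empty file
            # from the module when the environment has none.
            file { "${dns::server::chroot}${zonedir}/db.${zonefile}-static":
                ensure  => present,
                source  => [ "puppet:///files/dns/db.${zonefile}-static.${homename}",
                             "puppet:///modules/dns/empty", ],
                mode    => 0640,
                owner   => "root",
                group   => $dns::server::group,
                require => $operatingsystem ? {
                    "openbsd" => undef,
                    default   => Package["bind"],
                },
                notify  => Service["named"],
            }
        }
    }
}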
# Install dynamic DNS update script
#
# === Global variables
#
# $dns_nsupdate_name:
# FQDN to update into DNS.
#
# $dns_nsupdate_key:
# DNS (TSIG) key to use when updating the entry. Usually in the format:
# <keyname> <secret>
# for example:
# gw1.example.com. sZ6GgTZLBX83LXCoo
# Note that the secret is rendered into /usr/local/sbin/nsupdate.sh
# (root-only, mode 0700) and therefore also travels in this host's catalog.
#
# $dns_nsupdate_server:
# DNS server address where to update entry.
#
# $dns_nsupdate_zone:
# Zone name to update. Defaults to domain part of
# $dns_nsupdate_name variable.
#
class dns::nsupdate {
    $nsupdate_script = "/usr/local/sbin/nsupdate.sh"

    # The rendered script embeds the update key, so it is root-only (0700).
    # OpenBSD has no "root" group; root's primary group there is "wheel".
    case $operatingsystem {
        "openbsd": {
            $nsupdate_group = "wheel"
        }
        default: {
            $nsupdate_group = "root"
        }
    }
    file { $nsupdate_script:
        ensure  => present,
        content => template("dns/nsupdate.sh.erb"),
        mode    => 0700,
        owner   => root,
        group   => $nsupdate_group,
    }

    # Refresh the record every five minutes from root's crontab.
    cron { "nsupdate":
        ensure  => present,
        command => $nsupdate_script,
        minute  => "*/5",
        require => File[$nsupdate_script],
    }
}