authorHugo Hörnquist <hugo@lysator.liu.se>2023-05-05 01:46:46 +0200
committerHugo Hörnquist <hugo@lysator.liu.se>2023-06-06 18:31:17 +0200
commit812c3f4d6162cf7af8f8cbedb6abb6d72bd537e9 (patch)
tree109619457ac9b9028eae7297c4f72deadad68c52 /manifests/init.pp
parenttmp disable creation. (diff)
"Working" product.
Diffstat (limited to 'manifests/init.pp')
-rw-r--r--manifests/init.pp72
1 files changed, 48 insertions, 24 deletions
diff --git a/manifests/init.pp b/manifests/init.pp
index a7d2b05..ffb102d 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -23,38 +23,60 @@
# Name of the system service to manage
# @param rndc_confgen
# Path to rndc-confgen binary
+# @param config_dir
+# Directory for extra configuration files. Some systems places the
+# default configuration file inside this directory.
+# @param manage_dir
+# Should the configuration dir be managed by this module.
+# @param user
+# System user which runs the server.
+# Only used to set permissions for files, so MUST be set to what
+# the system already expects.
class dns (
String $config_file = '/etc/named.conf',
- # String $config_dir = '/etc/named.d',
+ String $config_dir = '/etc/named.d',
+ Boolean $manage_dir = false,
String $rndc_key_file = '/etc/rndc.key',
String $directory = '/var/named',
String $checkzone = '/usr/bin/named-checkzone',
String $checkconf = '/usr/bin/named-checkconf',
- Hash[String, Dns::Keyentry] $keys = [],
- Hash[String, Dns::Zoneentry] $zones = [],
+ Hash[String, Dns::Keyentry] $keys = {},
+ Hash[String, Dns::Zoneentry] $zones = {},
String $packagename = 'bind9',
Boolean $manage_package = true,
String $servicename = 'named',
String $rndc = '/usr/bin/rndc',
String $rndc_confgen = '/usr/bin/rndc-confgen',
+ String $user = 'bind',
) {
$zone_directory = "${directory}/zones"
$jnl_directory = "${directory}/journal"
- file { $zone_directory:
+ if $dns::manage_package {
+ package { $dns::packagename:
+ ensure => installed,
+ }
+ # bind9-dnsutils
+ }
+
+ file { $dns::directory:
+ ensure => directory,
+ owner => $dns::user,
+ mode => 'u+rwx',
+ }
+
+ file { $dns::zone_directory:
ensure => directory,
recurse => true,
purge => true,
+ owner => $dns::user,
+ mode => 'u+rwx',
}
- file { $jnl_directory:
+ file { $dns::jnl_directory:
ensure => directory,
- }
-
- if $manage_package {
- package { $packagename:
- ensure => installed,
- }
+ owner => $dns::user,
+ mode => 'u+rwx',
}
service { $servicename:
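Review bot: The `file` resources for `$dns::directory`, `$dns::zone_directory` and `$dns::jnl_directory` set `mode => 'u+rwx'` and no `group`, so only the owner bits are pinned. A symbolic mode is applied relative to what is already there, which means group and other access to the zone and journal data stays at whatever a previous state or the package left behind. An absolute mode plus an explicit group (for the two non-recursive directories, something like `mode => '0750',` and `group => $dns::user,` if that group exists on the target system) would make the result independent of prior state. On the zone directory, `recurse => true` applies the same mode to the files inside, so zone files also gain the owner execute bit; `X` instead of `x` avoids that. The class body starts before this hunk and continues past it.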
@@ -62,27 +84,27 @@ class dns (
enable => true,
}
- notify {
- 'zones': message => "${zones}" ;
- 'keys': message => "${keys}" ;
- }
+ create_resources(dns::key, $keys)
+ create_resources(dns::zone, $zones)
- # create_resources(dns::key, $keys)
- # create_resources(dns::zone, $zones)
-
- # file { $config_dir:
- # ensure => directory,
- # recurse => true,
- # }
+ if $manage_dir {
+ file { $config_dir:
+ ensure => directory,
+ recurse => true,
+ purge => true,
+ }
+ }
exec { 'Setup rndc key':
- cmd => [$rndc_confgen, '-a'],
+ command => [$rndc_confgen, '-a', '-u', $user],
creates => $rndc_key_file,
+ } -> file { $rndc_key_file:
+ ensure => file,
}
concat { $config_file:
ensure_newline => true,
- warn => '; File managed by Puppet. Local changes WILL be overwritter',
+ warn => '# File managed by Puppet. Local changes WILL be overwritter',
validate_cmd => "${checkconf} %",
notify => Service[$servicename],
}
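Review bot: The `file { $rndc_key_file: ensure => file }` chained after the exec manages a secret but pins neither `owner` nor `mode`, so the key's permissions are whatever `rndc-confgen` or an earlier state left behind. Adding `owner => $user,` and `mode => '0600',` (or the group-readable variant this layout needs) makes that explicit and corrects drift. The exec also never passes `$rndc_key_file` to the tool: `creates` checks that path, but `rndc-confgen -a` writes to its compiled-in default unless `-c` is given. With a non-default path the key would land elsewhere while the `file` resource presumably creates an empty file at `$rndc_key_file`. `command => [$rndc_confgen, '-a', '-c', $rndc_key_file, '-u', $user],` ties the two together.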
@@ -90,10 +112,12 @@ class dns (
concat::fragment { 'named.conf main configuration':
target => $config_file,
content => epp("${module_name}/named.conf.epp"),
+ order => '01',
}
concat::fragment { 'named.conf rndc configuration':
target => $config_file,
content => epp("${module_name}/named-rndc.conf.epp"),
+ order => '05',
}
}