diff options
author | Hugo Hörnquist <hugo@lysator.liu.se> | 2023-06-09 14:38:51 +0200 |
---|---|---|
committer | Hugo Hörnquist <hugo@lysator.liu.se> | 2023-06-09 14:38:51 +0200 |
commit | 7b3fed95f91a6877a88758558babf1bc549eeffc (patch) | |
tree | 85760a3c81ce5c35764140e507fae5d4db1befa9 /manifests/key.pp | |
parent | Revert extra rndc-keyfile include. (diff) | |
download | dns-7b3fed95f91a6877a88758558babf1bc549eeffc.tar.gz dns-7b3fed95f91a6877a88758558babf1bc549eeffc.tar.xz |
Place each zone and key declaration in own file.
This removes the dependency on concat, and allows for non-purging
configurations.
Diffstat (limited to '')
-rw-r--r-- | manifests/key.pp | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/manifests/key.pp b/manifests/key.pp index c5bdb55..b36bf35 100644 --- a/manifests/key.pp +++ b/manifests/key.pp @@ -8,13 +8,18 @@ # Secret hash, must match algorithm # @param keyname # Name of key +# @param ensure +# Allows for manual removal of the key. Note that if +# $dns::purge_keyconf is true then simply removing the +# dns::key resource removes the file. define dns::key ( String $algorithm, Variant[String, Sensitive[String]] $secret, String $keyname = $name, + Enum['present', 'absent'] $ensure = 'present', ) { - concat::fragment { "Dns::Key - ${keyname}": - target => $dns::config_file, + file { "${dns::keyconf_dir}/${keyname}.conf": + ensure => $ensure, content => epp("${module_name}/key.epp", { keyname => $keyname, algorithm => $algorithm, |