author | Hugo Hörnquist <hugo@lysator.liu.se> | 2023-05-05 00:31:37 +0200 |
---|---|---|
committer | Hugo Hörnquist <hugo@lysator.liu.se> | 2023-05-05 00:31:37 +0200 |
commit | eb38e6252b3c52a44d0d33679b3bc3178674c7f8 (patch) | |
tree | b7958e38f9893c347af4c04a53f65a103cef3292 /manifests/zone.pp | |
parent | Initial commit (diff) | |
download | dns-eb38e6252b3c52a44d0d33679b3bc3178674c7f8.tar.gz dns-eb38e6252b3c52a44d0d33679b3bc3178674c7f8.tar.xz |
Everything
Diffstat (limited to '')
-rw-r--r-- | manifests/zone.pp | 122 |
1 files changed, 122 insertions, 0 deletions
diff --git a/manifests/zone.pp b/manifests/zone.pp
new file mode 100644
index 0000000..2226994
--- /dev/null
+++ b/manifests/zone.pp
@@ -0,0 +1,122 @@
+# @param zone
+# Domain this zone controls.
+# @param mname
+# Primary master
+# @param rname
+# mail to zone admin
+# @param retry
+# Retry value for zone
+# @param expire
+# Expire value for zone
+# @param negative_ttl
+# Negative ttl for zone
+# @param default_ttl
+# Default ttl for zone
+# @param refresh
+# Refresh value for SOA
+# @param records
+# Hash of records to create. Instanciates Dns::Record resources.
+# @param ns
+# List of nameservers for this zone. Creates Dns::Record resources
+# with NS entries.
+# @param type
+# Zonetype. master, slave, ...
+# @param update_policy
+# A bind9 update policy, as a string.
+# @param dynamic
+# However if this zone should be treated as a dynamic zone. If
+# enabled rndc freezes and thaws the zone around static updates.
+# Otherwise the zone file will be directly changed, and simply
+# reloaded afterwards.
+#
+# Defaults to true if an update_policy is set.
+define dns::zone (
+ String $mname,
+ String $rname,
+
+ Dns::Ttl $refresh,
+ Dns::Ttl $retry,
+ Dns::Ttl $expire,
+ Dns::Ttl $negative_ttl,
+ Dns::Ttl $default_ttl,
+
+ String $zone = $name,
+
+ Array[Dns::RecordEntry] $records = [],
+
+ Array[String] $ns = [],
+
+ String $type = 'master',
+
+ Optional[String] $update_policy = undef,
+ Boolean $dynamic = $update_policy != undef,
+) {
+ $zone_ = dns::ensure_ending_period($zone)
+
+ concat { "${dns::zone_directory}/${zone}.db":
+ validate_cmd => "${dns::checkzone} '${zone}' %",
+ ensure_newline => true,
+ require => if $dynamic { Exec["Dns::zone freeze ${zone}"] } else { undef },
+ }
+
+ $zone_serial = $facts.get("dns_zone_serial.'${zone_}'", 0)
+
+ concat::fragment { "Dns::Record - ${zone} - SOA":
+ target => "${dns::zone_directory}/${zone}.db",
+ order => '01',
+ content => epp("${module_name}/zone.epp", {
+ zone => $zone_,
+ mname => dns::ensure_ending_period($mname),
+ rname => dns::convert_to_rname($rname),
+ serial => $zone_serial + 1,
+ refresh => $refresh,
+ expire => $expire,
+ negative_ttl => $negative_ttl,
+ default_ttl => $default_ttl,
+ }),
+ }
+
+ concat::fragment { "Dns::Zone - ${zone}":
+ target => $dns::config_file,
+ content => epp("${module_name}/zoneconf.epp", {
+ zone => $zone_,
+ type => $type,
+ update_policy => $update_policy,
+ }),
+ }
+
+ $ns.each |$ns| {
+ dns::record { "Dns::Zore - record - ${zone} NS ${ns}":
+ type => 'NS',
+ zone => $zone,
+ }
+ }
+
+ $fixed_records = $records.each |$record| {
+ { "Dns::Zone - record - ${zone} - ${record['class']} ${record['type']} ${record['key']} ${record['value']}"
+ => $record + { dns_name => $record['key'] } }
+ }
+
+ create_resources(dns::record, $fixed_records, {
+ zone => $zone,
+ })
+
+ if $dynamic {
+ exec { "Dns::zone freeze ${zone}":
+ command => [$dns::rndc, 'freeze', $zone],
+ refreshonly => true,
+ }
+
+ exec { "Dns::zone thaw ${zone}":
+ command => [$dns::rndc, 'thaw', $zone],
+ refreshonly => true,
+ subscribe => Concat["${dns::zone_directory}/${zone}.db"],
+ }
+ } else {
+ exec { "Dns::zone reload ${zone}":
+ command => [$dns::rndc, 'reload', $zone],
+ refreshonly => true,
+ subscribe => Concat["${dns::zone_directory}/${zone}.db"],
+ }
+ }
+} |
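Review bot: `$zone` is typed only as `String`, yet it is interpolated inside single quotes in `validate_cmd` and into the `${dns::zone_directory}/${zone}.db` path, so a name containing a quote or a slash would alter the command line or the target file; constraining the parameter, e.g. `Pattern[/\A[A-Za-z0-9._-]+\z/] $zone = $name,`, closes both. `$update_policy` also reaches zoneconf.epp as a free-form string, and since the template is not shown here it is worth checking that the value cannot carry extra named.conf statements. Separately, the SOA fragment never passes `retry => $retry,` to zone.epp although `$retry` is a required parameter. `$records.each` returns `$records` itself rather than the lambda results, so `$fixed_records` is presumably not the title-keyed hash that `create_resources` expects; `map` followed by a merge would build it. The NS loop likewise declares each `dns::record` without handing over the `$ns` value.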