Diffstat (limited to 'manifests')
-rw-r--r--manifests/init.pp72
-rw-r--r--manifests/key.pp1
-rw-r--r--manifests/record.pp32
-rw-r--r--manifests/zone.pp96
4 files changed, 122 insertions, 79 deletions
diff --git a/manifests/init.pp b/manifests/init.pp
index a7d2b05..ffb102d 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -23,38 +23,60 @@
# Name of the system service to manage
# @param rndc_confgen
# Path to rndc-confgen binary
+# @param config_dir
+# Directory for extra configuration files. Some systems places the
+# default configuration file inside this directory.
+# @param manage_dir
+# Should the configuration dir be managed by this module.
+# @param user
+# System user which runs the server.
+# Only used to set permissions for files, so MUST be set to what
+# the system already expects.
class dns (
String $config_file = '/etc/named.conf',
- # String $config_dir = '/etc/named.d',
+ String $config_dir = '/etc/named.d',
+ Boolean $manage_dir = false,
String $rndc_key_file = '/etc/rndc.key',
String $directory = '/var/named',
String $checkzone = '/usr/bin/named-checkzone',
String $checkconf = '/usr/bin/named-checkconf',
- Hash[String, Dns::Keyentry] $keys = [],
- Hash[String, Dns::Zoneentry] $zones = [],
+ Hash[String, Dns::Keyentry] $keys = {},
+ Hash[String, Dns::Zoneentry] $zones = {},
String $packagename = 'bind9',
Boolean $manage_package = true,
String $servicename = 'named',
String $rndc = '/usr/bin/rndc',
String $rndc_confgen = '/usr/bin/rndc-confgen',
+ String $user = 'bind',
) {
$zone_directory = "${directory}/zones"
$jnl_directory = "${directory}/journal"
- file { $zone_directory:
+ if $dns::manage_package {
+ package { $dns::packagename:
+ ensure => installed,
+ }
+ # bind9-dnsutils
+ }
+
+ file { $dns::directory:
+ ensure => directory,
+ owner => $dns::user,
+ mode => 'u+rwx',
+ }
+
+ file { $dns::zone_directory:
ensure => directory,
recurse => true,
purge => true,
+ owner => $dns::user,
+ mode => 'u+rwx',
}
- file { $jnl_directory:
+ file { $dns::jnl_directory:
ensure => directory,
- }
-
- if $manage_package {
- package { $packagename:
- ensure => installed,
- }
+ owner => $dns::user,
+ mode => 'u+rwx',
}
service { $servicename:
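Review bot: `file { $dns::zone_directory: … purge => true }` keeps purging unmanaged files while this same commit (zone.pp) removes the `concat` resources that used to declare `${dns::zone_directory}/${zone}.db`, so nothing in the catalog claims the zone files any more; if the new `dns_zone2` type writes them into that directory, Puppet will delete them on the next run. Either drop `purge => true` here or make sure the zone files are declared as managed resources. Separately, `mode => 'u+rwx'` on the three directories only adds the owner bits and leaves group/other as whatever the package or umask produced; an explicit octal such as `mode => '0750'` states the intended exposure of zone and journal data. The dangling `# bind9-dnsutils` comment inside the `if` reads like a leftover TODO and should be expanded or dropped.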
@@ -62,27 +84,27 @@ class dns (
enable => true,
}
- notify {
- 'zones': message => "${zones}" ;
- 'keys': message => "${keys}" ;
- }
+ create_resources(dns::key, $keys)
+ create_resources(dns::zone, $zones)
- # create_resources(dns::key, $keys)
- # create_resources(dns::zone, $zones)
-
- # file { $config_dir:
- # ensure => directory,
- # recurse => true,
- # }
+ if $manage_dir {
+ file { $config_dir:
+ ensure => directory,
+ recurse => true,
+ purge => true,
+ }
+ }
exec { 'Setup rndc key':
- cmd => [$rndc_confgen, '-a'],
+ command => [$rndc_confgen, '-a', '-u', $user],
creates => $rndc_key_file,
+ } -> file { $rndc_key_file:
+ ensure => file,
}
concat { $config_file:
ensure_newline => true,
- warn => '; File managed by Puppet. Local changes WILL be overwritter',
+ warn => '# File managed by Puppet. Local changes WILL be overwritter',
validate_cmd => "${checkconf} %",
notify => Service[$servicename],
}
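Review bot: `creates => $rndc_key_file` only matches what `rndc-confgen -a` produces when `$rndc_key_file` is the tool's built-in default path; with any other value the exec runs on every agent run and the generated key never lands where the following `file` resource expects it. Pass the path explicitly: `command => [$rndc_confgen, '-a', '-c', $rndc_key_file, '-u', $user],`. The `file { $rndc_key_file: ensure => file }` sets no `owner`/`mode`, so the permissions of a file holding the rndc HMAC secret are whatever the generator left; adding `owner => $user, mode => '0600'` pins them and matches what the `$user` doc promises. The `warn` string still says "overwritter"; it should read "overwritten".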
@@ -90,10 +112,12 @@ class dns (
concat::fragment { 'named.conf main configuration':
target => $config_file,
content => epp("${module_name}/named.conf.epp"),
+ order => '01',
}
concat::fragment { 'named.conf rndc configuration':
target => $config_file,
content => epp("${module_name}/named-rndc.conf.epp"),
+ order => '05',
}
}
diff --git a/manifests/key.pp b/manifests/key.pp
index 2a762ae..01856a3 100644
--- a/manifests/key.pp
+++ b/manifests/key.pp
@@ -14,6 +14,7 @@ define dns::key (
String $keyname = $name,
) {
concat::fragment { "Dns::Key - ${keyname}":
+ target => $dns::config_file,
content => epp("${module_name}/key.epp", {
keyname => $keyname,
algorithm => $algorithm,
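Review bot: `target => $dns::config_file` reads a class variable without anything guaranteeing `class dns` has been evaluated first; when `dns::key` is declared directly rather than through the `create_resources` call in the class, `$dns::config_file` resolves to undef and the fragment fails with an unhelpful type error. An `include dns` at the top of the define, or a `target` parameter defaulting to that value, makes the dependency explicit. The `define dns::key` header starts before this hunk.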
diff --git a/manifests/record.pp b/manifests/record.pp
index 83476a0..2ecb52f 100644
--- a/manifests/record.pp
+++ b/manifests/record.pp
@@ -11,23 +11,29 @@
# Allow multiple records with the same name and class.
# Most record types only allow one value, but some allow multiple.
# Setting this to true allows for multiple. This value is
-# automatically true for TXT & NS.
+# automatically true for TXT, MX & NS.
# @param zone
# Name of the zone this record belongs to.
# @param value
# Record content.
# Syntax depends on `type`.
+# Some record types have extra processing.
+# TXT splits data into chunks of 255 characters (TODO shouldn't
+# this be bytes) and the surrounds each chunk with quotation marks.
define dns::record (
String $zone,
Dns::Rr $type,
String $value,
- Dns::Class $class = 'IN',
- String $dns_name = $name,
+ Dns::Class $cls = 'IN',
+ String $key = $name,
Optional[Dns::Ttl] $ttl = undef,
Boolean $duplicate = false,
) {
+ $zone_ = dns::ensure_ending_period($zone)
+
$allow_duplicate = case $type {
'TXT',
+ 'MX',
'NS': {
true
}
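Review bot: `$zone_ = dns::ensure_ending_period($zone)` is assigned here but the `dns_record2` declaration in the next hunk still passes `zone => $zone`, so the normalisation has no effect and records declared with and without a trailing period end up in differently named zones. Either pass `zone => $zone_,` there or drop the assignment. Renaming the parameters `class` → `cls` and `dns_name` → `key` breaks every existing `dns::record` declaration; if that is intended, the `@param` entries above this hunk should be renamed to match (they are outside the hunk, so I cannot see whether they were). The TODO in the doc is right: RFC 1035 `<character-string>` is bounded by a length octet, so the 255 limit is in bytes, not characters.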
@@ -36,13 +42,21 @@ define dns::record (
}
}
- $frag_name = if $allow_duplicate {
- "Dns::Record - ${zone} - ${class} ${type} ${dns_name} ${value}"
- } else {
- "Dns::Record - ${zone} - ${class} ${type} ${dns_name}"
+ $value_ = case $type {
+ 'TXT': {
+ $value.slice(255).map |$x| { "\"${x.join()}\"" }.join(' ')
+ }
+ default: {
+ $value
+ }
}
- concat::fragment { $frag_name:
- target => "${dns::zone_directory}/${zone}.db",
+ dns_record2 { $name:
+ type => $type,
+ value => $value_,
+ cls => $cls,
+ zone => $zone,
+ ttl => $ttl,
+ key => $key,
}
}
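Review bot: the TXT branch wraps each 255-character chunk in double quotes but never escapes `"` or `\` inside `$value`, so a value containing either breaks the zone-file syntax (and, now that the `concat` with `validate_cmd` is gone, nothing visible in this commit catches it before `named` does). Escape backslash and double-quote with `regsubst` before the `slice(255)` call, and document in the `@param value` entry that the escaping is done by the define. Because the chunking is per character while the limit is per octet, a multibyte value can still produce a chunk over 255 bytes; splitting on the encoded length would close that gap. This assumes `slice` iterates the string per character, which is what the code relies on.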
diff --git a/manifests/zone.pp b/manifests/zone.pp
index 954ff48..33c2b0d 100644
--- a/manifests/zone.pp
+++ b/manifests/zone.pp
@@ -30,21 +30,25 @@
# reloaded afterwards.
#
# Defaults to true if an update_policy is set.
+# @param soa_ttl
+# TTL of SOA record.
define dns::zone (
- String $mname,
- String $rname,
+ Boolean $manage_soa = true,
+ String $rname = undef,
+ String $mname = $ns[0],
Dns::Ttl $refresh = '24h',
Dns::Ttl $retry = '2h',
Dns::Ttl $expire = '1000h',
Dns::Ttl $negative_ttl = '2d',
Dns::Ttl $ttl = '24h',
+ Optional[Dns::Ttl] $soa_ttl = undef,
String $zone = $name,
Array[Dns::RecordEntry] $records = [],
- Array[String] $ns = [],
+ Array[String] $ns = [$mname],
String $type = 'master',
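Review bot: `String $rname = undef` fails type checking the moment a caller omits `rname`, because `undef` is not a `String`; the new default makes the parameter neither required nor optional. Use `Optional[String] $rname = undef` and handle the undef case, or keep it required. `String $mname = $ns[0]` refers to `$ns`, which is declared further down the list; parameter defaults are evaluated in order, so at that point `$ns` is not the parameter but whatever outer-scope `$ns` exists, and `$ns = [$mname]` then makes the two defaults circular. `$manage_soa` is added without a `@param` entry and, as far as the hunks in this commit show, is never read; document and use it or drop it.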
@@ -53,30 +57,9 @@ define dns::zone (
) {
$zone_ = dns::ensure_ending_period($zone)
- concat { "${dns::zone_directory}/${zone}.db":
- validate_cmd => "${dns::checkzone} '${zone}' %",
- ensure_newline => true,
- require => if $dynamic { Exec["Dns::zone freeze ${zone}"] } else { undef },
- }
-
$zone_serial = $facts.get("dns_zone_serial.'${zone_}'", 0)
- concat::fragment { "Dns::Record - ${zone} - SOA":
- target => "${dns::zone_directory}/${zone}.db",
- order => '01',
- content => epp("${module_name}/zone.epp", {
- zone => $zone_,
- mname => dns::ensure_ending_period($mname),
- rname => dns::convert_to_rname($rname),
- serial => $zone_serial + 1,
- refresh => $refresh,
- expire => $expire,
- negative_ttl => $negative_ttl,
- default_ttl => $ttl,
- }),
- }
-
- concat::fragment { "Dns::Zone - ${zone}":
+ concat::fragment { "Dns::Zone - ${zone_}":
target => $dns::config_file,
content => epp("${module_name}/zoneconf.epp", {
zone => $zone_,
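Review bot: `$zone_serial` is still looked up from facts, but its only consumer in this file was the removed SOA fragment (`serial => $zone_serial + 1`), and the `$params` hash built later in this define does not include it; unless `dns_zone2` derives the serial itself, the line is dead code and the serial bump is lost. Either forward `'serial' => $zone_serial + 1,` in `$params` or remove the lookup.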
@@ -85,38 +68,59 @@ define dns::zone (
}),
}
- $ns.each |$ns| {
- dns::record { "Dns::Zore - record - ${zone} NS ${ns}":
- type => 'NS',
- zone => $zone,
- }
- }
+ # $ns.each |$ns| {
+ # dns::record { "Dns::Zone - record - ${zone} NS ${ns}":
+ # key => '@',
+ # type => 'NS',
+ # zone => $zone_,
+ # value => $ns,
+ # }
+ # }
- $fixed_records = $records.each |$record| {
- { "Dns::Zone - record - ${zone} - ${record['class']} ${record['type']} ${record['key']} ${record['value']}"
- => $record + { dns_name => $record['key'] } }
- }
+ # $fixed_records = $records.map |$record| {
+ # ["Dns::Zone - record - ${zone_} - ${record['class']} ${record['type']} ${record['key']} ${record['value']}",
+ # $record + { key => $record['key'] } - ['key']]
+ # }.convert_to(Hash)
+
+ # create_resources(dns::record, $fixed_records, {
+ # zone => $zone_,
+ # })
- create_resources(dns::record, $fixed_records, {
- zone => $zone,
- })
+ $params = {
+ 'rname' => $rname,
+ 'mname' => $mname,
+ 'refresh' => $refresh,
+ 'expire' => $expire,
+ 'negative_ttl' => $negative_ttl,
+ 'soa_ttl' => $soa_ttl,
+ 'retry' => $retry,
+ }
if $dynamic {
- exec { "Dns::zone freeze ${zone}":
- command => [$dns::rndc, 'freeze', $zone],
+ dns_zone2 { $zone:
+ require => Exec["Dns::zone freeze ${zone_}"],
+ * => $params,
+ }
+
+ exec { "Dns::zone freeze ${zone_}":
+ command => [$dns::rndc, 'freeze', $zone_],
refreshonly => true,
}
- exec { "Dns::zone thaw ${zone}":
- command => [$dns::rndc, 'thaw', $zone],
+ exec { "Dns::zone thaw ${zone_}":
+ command => [$dns::rndc, 'thaw', $zone_],
refreshonly => true,
- subscribe => Concat["${dns::zone_directory}/${zone}.db"],
+ subscribe => Dns_zone2[$zone_],
}
} else {
- exec { "Dns::zone reload ${zone}":
- command => [$dns::rndc, 'reload', $zone],
+ dns_zone2 { $zone:
+ * => $params,
+ }
+
+ exec { "Dns::zone reload ${zone_}":
+ command => [$dns::rndc, 'reload', $zone_],
refreshonly => true,
- subscribe => Concat["${dns::zone_directory}/${zone}.db"],
+ subscribe => Dns_zone2[$zone_],
}
}
}
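Review bot: both `dns_zone2` declarations are titled `$zone`, but the `thaw` and `reload` execs subscribe to `Dns_zone2[$zone_]`; whenever `$zone` lacks the trailing period that `dns::ensure_ending_period` adds, the reference points at a resource that does not exist and the catalog fails to compile. Title the resources `dns_zone2 { $zone_:` in both branches (or subscribe to `Dns_zone2[$zone]`). With the NS loop and the `$records` handling commented out, `$records` and `$ns` are accepted and silently ignored, and `$params` does not forward them either, so zones compiled from this revision lose their NS and user records. If that is deliberate until `dns_record2` is wired in, a one-line `# TODO` saying so is better than twenty lines of commented code; otherwise keep the loop live with the `key`/`value` names it already uses.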