From 3a1a7d397f1badf50e0ec18360796d570bfb82e1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Hugo=20H=C3=B6rnquist?= Date: Sat, 10 Jun 2023 17:48:48 +0200 Subject: Force all zone names to end in a period. --- manifests/init.pp | 2 +- manifests/record.pp | 4 +--- manifests/zone.pp | 40 +++++++++++++++++++--------------------- types/zonename.pp | 2 ++ 4 files changed, 23 insertions(+), 25 deletions(-) create mode 100644 types/zonename.pp diff --git a/manifests/init.pp b/manifests/init.pp index 3630cb0..24bfb0e 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -66,7 +66,7 @@ class dns ( String $checkzone = '/usr/bin/named-checkzone', String $checkconf = '/usr/bin/named-checkconf', Hash[String, Dns::Keyentry] $keys = {}, - Hash[String, Dns::Zoneentry] $zones = {}, + Hash[Dns::Zonename, Dns::Zoneentry] $zones = {}, String $packagename = 'bind9', Boolean $manage_package = true, String $servicename = 'named', diff --git a/manifests/record.pp b/manifests/record.pp index aaac0e0..c8b0baa 100644 --- a/manifests/record.pp +++ b/manifests/record.pp @@ -31,7 +31,7 @@ # relative to the zone if not. '@' for the "empty" key. # TODO tests for above? define dns::record ( - String $zone, + Dns::Zonename $zone, Dns::Rr $type, String $value, Dns::Class $cls = 'IN', @@ -39,8 +39,6 @@ define dns::record ( Optional[Dns::Ttl] $ttl = undef, Boolean $duplicate = false, ) { - $zone_ = dns::ensure_ending_period($zone) - $allow_duplicate = case $type { 'TXT', 'MX', diff --git a/manifests/zone.pp b/manifests/zone.pp index 4926eed..2ab14a8 100644 --- a/manifests/zone.pp +++ b/manifests/zone.pp @@ -73,7 +73,7 @@ define dns::zone ( Dns::Ttl $ttl = '24h', Optional[Dns::Ttl] $soa_ttl = undef, - String $zone = $name, + Dns::Zonename $zone = $name, Array[Dns::RecordEntry] $records = [], 
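Review bot: Removing `$zone_ = dns::ensure_ending_period($zone)` from `dns::record` is safe only if nothing further down the define still reads `$zone_`, and the body continues outside this hunk, so that cannot be confirmed from here. The diffstat shows no other line of manifests/record.pp changing, so any remaining `${zone_}` would now be an undefined variable (a compile error under `strict_variables`, otherwise an empty value). Worth a grep for `zone_` in that file. If `dns::ensure_ending_period` has no callers left, it can be deleted in the same change.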
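Review bot: `Dns::Zonename $zone = $name` changes what callers may pass, and the commit does not document it. A resource title such as `example.com` was previously normalised by `dns::ensure_ending_period` and will now fail catalog compilation; the same applies to the keys of `$zones` in manifests/init.pp. The parameter documentation sits above this hunk and is not touched, so it should gain a line such as `# @param zone Fully qualified zone name; MUST end in a period (defaults to the resource title).` Flagging this in the changelog as a breaking change for existing Hiera data would help operators who upgrade.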
@@ -96,10 +96,8 @@ define dns::zone ( Enum['present', 'absent'] $ensure = 'present', ) { - $zone_ = dns::ensure_ending_period($zone) - if $ensure == 'present' { - dns_zone2 { $zone_: + dns_zone2 { $zone: ensure => 'present', rname => $rname, mname => $mname, @@ -124,28 +122,28 @@ define dns::zone ( } if $dynamic { - exec { "Dns::zone freeze ${zone_}": - command => [$dns::rndc, 'freeze', $zone_], + exec { "Dns::zone freeze ${zone}": + command => [$dns::rndc, 'freeze', $zone], refreshonly => true, - notify => Dns_zone2[$zone_], + notify => Dns_zone2[$zone], } - exec { "Dns::zone thaw ${zone_}": - command => [$dns::rndc, 'thaw', $zone_], + exec { "Dns::zone thaw ${zone}": + command => [$dns::rndc, 'thaw', $zone], refreshonly => true, - subscribe => Dns_zone2[$zone_], + subscribe => Dns_zone2[$zone], } } else { - exec { "Dns::zone reload ${zone_}": - command => [$dns::rndc, 'reload', $zone_], + exec { "Dns::zone reload ${zone}": + command => [$dns::rndc, 'reload', $zone], refreshonly => true, - subscribe => Dns_zone2[$zone_], + subscribe => Dns_zone2[$zone], } } $ns.each |$entry| { - dns::record { "${zone_} NS ${entry}": - zone => $zone_, + dns::record { "${zone} NS ${entry}": + zone => $zone, key => '@', type => 'NS', value => $entry, @@ -153,9 +151,9 @@ define dns::zone ( } $records.each |$record| { - $name = "${zone_} ${record['type']} ${record['key']} ${record['value']}" + $name = "${zone} ${record['type']} ${record['key']} ${record['value']}" dns::record { $name: - zone => $zone_, + zone => $zone, type => $record['type'], value => $record['value'], cls => $record['dns_class'], 
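Review bot: In the `$records.each` lambda, `$name = "${zone} ${record['type']} ..."` reuses `$name`, which in a define already holds the resource title and is also the default for `$zone`. The shadowing appears to be confined to the lambda, but it makes the block harder to follow. A distinct local would read better, e.g. `$record_title = "${zone} ${record['type']} ${record['key']} ${record['value']}"` followed by `dns::record { $record_title:`. The lambda's closing lines are outside this hunk.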
@@ -163,18 +161,18 @@ define dns::zone ( } } } else { - dns_zone2 { $zone_: + dns_zone2 { $zone: ensure => 'absent', } } - file { "${dns::zoneconf_dir}/${zone_}conf": + file { "${dns::zoneconf_dir}/${zone}conf": ensure => $ensure, content => epp("${module_name}/zoneconf.epp", { - zone => $zone_, + zone => $zone, type => $type, update_policy => $update_policy, }), - require => Dns_zone2[$zone_], + require => Dns_zone2[$zone], } } diff --git a/types/zonename.pp b/types/zonename.pp new file mode 100644 index 0000000..b520656 --- /dev/null +++ b/types/zonename.pp @@ -0,0 +1,2 @@ +# Zonenames MUST end in a period +type Dns::Zonename = Pattern[/[.]\Z/] -- cgit v1.2.3
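Review bot: `"${dns::zoneconf_dir}/${zone}conf"` only yields a `.conf` file name because `$zone` ends in a period, which reads like a typo to anyone who does not know that. Now that `Dns::Zonename` guarantees the trailing period, a one-line comment above the `file` resource would make the dependency explicit: `# $zone always ends in '.', so this is <zone>.conf`.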
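Review bot: `Pattern[/[.]\Z/]` checks only the final character, so `Dns::Zonename` is a weaker gate than its name suggests. manifests/zone.pp interpolates the value into a file path (`"${dns::zoneconf_dir}/${zone}conf"`), passes it to `rndc`, and hands it to `zoneconf.epp`. A name containing `/`, whitespace or quotes still matches, and because Ruby's `\Z` also matches before a final newline, so does `"example.com.\n"`. Anchoring both ends and restricting the label characters closes that, for example `type Dns::Zonename = Pattern[/\A([A-Za-z0-9_-]+[.])+\z/]`. That form rejects the root zone `.` and RFC 2317 names containing `/`, so widen it deliberately if the module has to serve those.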