From 812c3f4d6162cf7af8f8cbedb6abb6d72bd537e9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Hugo=20H=C3=B6rnquist?=
Date: Fri, 5 May 2023 01:46:46 +0200
Subject: "Working" product.
---
manifests/init.pp | 72 ++++++++++++++++++++++++++++++++++++-------------------
1 file changed, 48 insertions(+), 24 deletions(-)
(limited to 'manifests/init.pp')
diff --git a/manifests/init.pp b/manifests/init.pp
index a7d2b05..ffb102d 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -23,38 +23,60 @@ # Name of the system service to manage # @param rndc_confgen # Path to rndc-confgen binary +# @param config_dir +# Directory for extra configuration files. Some systems places the +# default configuration file inside this directory. +# @param manage_dir +# Should the configuration dir be managed by this module. +# @param user +# System user which runs the server. +# Only used to set permissions for files, so MUST be set to what +# the system already expects. class dns ( String $config_file = '/etc/named.conf', - # String $config_dir = '/etc/named.d', + String $config_dir = '/etc/named.d', + Boolean $manage_dir = false, String $rndc_key_file = '/etc/rndc.key', String $directory = '/var/named', String $checkzone = '/usr/bin/named-checkzone', String $checkconf = '/usr/bin/named-checkconf', - Hash[String, Dns::Keyentry] $keys = [], - Hash[String, Dns::Zoneentry] $zones = [], + Hash[String, Dns::Keyentry] $keys = {}, + Hash[String, Dns::Zoneentry] $zones = {}, String $packagename = 'bind9', Boolean $manage_package = true, String $servicename = 'named', String $rndc = '/usr/bin/rndc', String $rndc_confgen = '/usr/bin/rndc-confgen', + String $user = 'bind', ) { $zone_directory = "${directory}/zones" $jnl_directory = "${directory}/journal" - file { $zone_directory: + if $dns::manage_package { + package { $dns::packagename: + ensure => installed, + } + # bind9-dnsutils + } + + file { $dns::directory: + ensure => directory, + owner => $dns::user, + mode => 'u+rwx', + } + + file { $dns::zone_directory: ensure => directory, recurse => true, purge => true, + owner => $dns::user, + mode => 'u+rwx', } - file { $jnl_directory: + file { $dns::jnl_directory: ensure => directory, - } - - if $manage_package { - package { $packagename: - ensure => installed, - } + owner => $dns::user, + mode => 'u+rwx', } service { $servicename: 
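Review bot: The `file` resources for `$dns::directory`, `$dns::zone_directory` and `$dns::jnl_directory` set `mode => 'u+rwx'`, a symbolic mode that only adds owner bits, so a directory that is already group- or world-writable on disk stays that way after the run. No `group` is set on any of them either. For directories holding zone data and journals, an absolute mode pins the outcome, for example `mode => '0750',` together with an explicit `group`. On `$dns::zone_directory` the mode is combined with `recurse => true`, so `u+rwx` presumably also marks every managed zone file owner-executable; `u+rwX` or an absolute mode would avoid that.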
@@ -62,27 +84,27 @@ class dns ( enable => true, } - notify { - 'zones': message => "${zones}" ; - 'keys': message => "${keys}" ; - } + create_resources(dns::key, $keys) + create_resources(dns::zone, $zones) - # create_resources(dns::key, $keys) - # create_resources(dns::zone, $zones) - - # file { $config_dir: - # ensure => directory, - # recurse => true, - # } + if $manage_dir { + file { $config_dir: + ensure => directory, + recurse => true, + purge => true, + } + } exec { 'Setup rndc key': - cmd => [$rndc_confgen, '-a'], + command => [$rndc_confgen, '-a', '-u', $user], creates => $rndc_key_file, + } -> file { $rndc_key_file: + ensure => file, } concat { $config_file: ensure_newline => true, - warn => '; File managed by Puppet. Local changes WILL be overwritter', + warn => '# File managed by Puppet. Local changes WILL be overwritter', validate_cmd => "${checkconf} %", notify => Service[$servicename], } @@ -90,10 +112,12 @@ class dns ( concat::fragment { 'named.conf main configuration': target => $config_file, content => epp("${module_name}/named.conf.epp"), + order => '01', } concat::fragment { 'named.conf rndc configuration': target => $config_file, content => epp("${module_name}/named-rndc.conf.epp"), + order => '05', } } -- cgit v1.2.3
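Review bot: The `exec { 'Setup rndc key': }` runs `rndc-confgen -a` without `-c`, so the key goes to the tool's built-in default location, while `creates` and the chained `file` resource both point at `$rndc_key_file`. If the two paths differ, `file { $rndc_key_file: ensure => file }` creates an empty file at the configured path, which then satisfies `creates` and leaves the server without a generated key. Passing the path closes that gap: `command => [$rndc_confgen, '-a', '-u', $user, '-c', $rndc_key_file],`. Because this key is the shared secret for controlling the server, the `file` resource should also pin `owner => $user,` and `mode => '0600',` instead of leaving permissions to whatever the generator or an earlier run produced.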