From 1b5393f6c8e5c5707410701cceb3c6fb99fda613 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Hugo=20H=C3=B6rnquist?=
Date: Thu, 8 Jun 2023 13:07:03 +0200
Subject: work

---
 manifests/init.pp | 8 +++-
 manifests/zone.pp | 140 +++++++++++++++++++++++++++++++++---------------------
 2 files changed, 92 insertions(+), 56 deletions(-)
(limited to 'manifests')
diff --git a/manifests/init.pp b/manifests/init.pp
index a3e073a..d80cea3 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -104,11 +104,17 @@ class dns (
 ensure => file,
 }
 
+ $warn = @(EOF)
+ #
+ # File managed by Puppet. Local changes WILL be overwritter',
+ #
+ | EOF
+
 concat { $config_file:
 ensure_newline => true,
- warn => '# File managed by Puppet. Local changes WILL be overwritter',
 validate_cmd => "${checkconf} %",
 notify => Service[$servicename],
+ warn => $warn,
 }
 
 concat::fragment { 'named.conf main configuration':
diff --git a/manifests/zone.pp b/manifests/zone.pp
index 828b887..bf35a52 100644
--- a/manifests/zone.pp
+++ b/manifests/zone.pp
@@ -41,6 +41,28 @@
 # Defaults to true if an update_policy is set.
 # @param soa_ttl
 # TTL of SOA record.
+#
+# @param owner
+# Owner of zonefile.
+# @param group
+# Group of zonefile.
+# @param backup
+# Should a backup be created. See file resources documentation.
+# @param selinux_ignore_defaults
+# See file resources documentation.
+# @param selrange
+# See file resources documentation.
+# @param selrole
+# See file resources documentation.
+# @param seltype
+# See file resources documentation.
+# @param seluser
+# See file resources documentation.
+# @param show_diff
+# Should a diff be shown.
+#
+# @param ensure
+# Should this zone be present
 define dns::zone (
 String $rname = undef,
 String $mname = $ns[0],
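Review bot: In manifests/init.pp the new `$warn` heredoc still carries the `',` that closed the old single-quoted string, so the banner written into the concat target ends in `overwritter',`; the misspelling `overwritter` is carried over as well. The line should read `# File managed by Puppet. Local changes WILL be overwritten`. Because every heredoc line starts with `#`, the stray characters presumably stay inside a comment and `validate_cmd` should still pass, but this banner is what tells an operator that hand edits to the DNS configuration will be lost, so it is worth getting exact. The enclosing `class dns` starts and ends outside this hunk.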
@@ -61,73 +83,81 @@ define dns::zone ( Optional[String] $update_policy = undef, Boolean $dynamic = $update_policy != undef, + + Optional[Variant[String, Integer]] $owner = undef, + Optional[Variant[String, Integer]] $group = undef, + Variant[Boolean, String] $backup = false, + Optional[Boolean] $selinux_ignore_defaults = undef, + Optional[String] $selrange = undef, + Optional[String] $selrole = undef, + Optional[String] $seltype = undef, + Optional[String] $seluser = undef, + Boolean $show_diff = true, + + Enum['present', 'absent'] $ensure = 'present', ) { $zone_ = dns::ensure_ending_period($zone) $zone_serial = $facts.get("dns_zone_serial.'${zone_}'", 0) - concat::fragment { "Dns::Zone - ${zone_}": - target => $dns::config_file, - content => epp("${module_name}/zoneconf.epp", { - zone => $zone_, - type => $type, - update_policy => $update_policy, - }), - } - - # $ns.each |$ns| { - # dns::record { "Dns::Zone - record - ${zone} NS ${ns}": - # key => '@', - # type => 'NS', - # zone => $zone_, - # value => $ns, - # } - # } - - # $fixed_records = $records.map |$record| { - # ["Dns::Zone - record - ${zone_} - ${record['class']} ${record['type']} ${record['key']} ${record['value']}", - # $record + { key => $record['key'] } - ['key']] - # }.convert_to(Hash) - - # create_resources(dns::record, $fixed_records, { - # zone => $zone_, - # }) - $params = { - 'rname' => $rname, - 'mname' => $mname, - 'refresh' => $refresh, - 'expire' => $expire, - 'negative_ttl' => $negative_ttl, - 'soa_ttl' => $soa_ttl, - 'retry' => $retry, + 'rname' => $rname, + 'mname' => $mname, + 'refresh' => $refresh, + 'expire' => $expire, + 'negative_ttl' => $negative_ttl, + 'soa_ttl' => $soa_ttl, + 'retry' => $retry, + 'owner' => $owner, + 'group' => $group, + 'backup' => $backup, + 'selinux_ignore_defaults' => $selinux_ignore_defaults, + 'selrange' => $selrange, + 'selrole' => $selrole, + 'seltype' => $seltype, + 'seluser' => $seluser, + 'show_diff' => $show_diff, + 'ensure' => $ensure, } - if $dynamic 
{ - dns_zone2 { $zone: - require => Exec["Dns::zone freeze ${zone_}"], - * => $params, - } - - exec { "Dns::zone freeze ${zone_}": - command => [$dns::rndc, 'freeze', $zone_], - refreshonly => true, - } - - exec { "Dns::zone thaw ${zone_}": - command => [$dns::rndc, 'thaw', $zone_], - refreshonly => true, - subscribe => Dns_zone2[$zone_], + if $ensure == 'present' { + if $dynamic { + exec { "Dns::zone freeze ${zone_}": + command => [$dns::rndc, 'freeze', $zone_], + refreshonly => true, + } + ~> dns_zone2 { $zone_: + * => $params, + } + ~> exec { "Dns::zone thaw ${zone_}": + command => [$dns::rndc, 'thaw', $zone_], + refreshonly => true, + subscribe => Dns_zone2[$zone_], + } + } else { + dns_zone2 { $zone_: + * => $params, + } + ~> exec { "Dns::zone reload ${zone_}": + command => [$dns::rndc, 'reload', $zone_], + refreshonly => true, + } } } else { - dns_zone2 { $zone: - notify => Exec["Dns::zone reload ${zone_}"], - * => $params, + dns_zone2 { $zone_: + ensure => 'absent', } + } - exec { "Dns::zone reload ${zone_}": - command => [$dns::rndc, 'reload', $zone_], - refreshonly => true, + if $ensure == 'present' { + concat::fragment { "Dns::Zone - ${zone_}": + target => $dns::config_file, + content => epp("${module_name}/zoneconf.epp", { + zone => $zone_, + type => $type, + update_policy => $update_policy, + }), + require => Dns_zone2[$zone_], } } } -- cgit v1.2.3
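Review bot: In the `$dynamic` branch, `exec { "Dns::zone freeze ${zone_}": }` is `refreshonly => true` and sits at the head of the `~>` chain, and nothing in this hunk notifies it, so as written the freeze would never run and `dns_zone2` would rewrite the file of a dynamic zone while named may still be applying updates to it (the removed `require => Exec[...]` form had the same gap). Unless a resource outside this view refreshes that exec, the freeze needs a trigger that fires before the write, for example having the `dns_zone2` provider run freeze and thaw around its own flush, rather than a refreshonly exec. Separately, `subscribe => Dns_zone2[$zone_],` on the thaw exec duplicates the `~>` arrow directly above it and can be dropped. The parameter list of `define dns::zone` starts above the hunk.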