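# @summary sets up a DNS server
#
# Installs the bind9 package (optional), creates the working directories for
# zone and journal files, generates the rndc key, assembles the main
# configuration file with concat (checked by named-checkconf before it is put
# in place) and keeps the named service running. Entries of `keys` and
# `zones` are turned into dns::key and dns::zone resources.
#
# @param config_file
#   Bind9 configuration file
# @param directory
#   Maps to bind9 directory. Base for all relative paths.
# @param checkzone
#   Absolute path to named-checkzone binary
# @param checkconf
#   Absolute path to named-checkconf binary. Used to validate the generated
#   configuration file before it replaces the current one.
# @param packagename
#   Name of the bind9 system package
# @param manage_package
#   Should the bind9 system package be managed by this module.
# @param rndc
#   Absolute path to rndc binary
# @param keys
#   Dns::Key resources to create
# @param zones
#   Dns::Zone resources to create
# @param rndc_key_file
#   Location of rndc key. Note that this doesn't change where it ends up, but rather where we expect it to end up.
#   Key will be generated through `rndc-confgen -a`.
# @param servicename
#   Name of the system service to manage
# @param rndc_confgen
#   Path to rndc-confgen binary
# @param config_dir
#   Directory for extra configuration files. Some systems place the
#   default configuration file inside this directory.
# @param manage_dir
#   Should the configuration dir be managed by this module. When managed,
#   files in it that are not declared to Puppet are purged.
# @param user
#   System user which runs the server.
#   Only used to set permissions for files, so MUST be set to what
#   the system already expects.
class dns (
  String $config_file = '/etc/named.conf',
  String $config_dir = '/etc/named.d',
  Boolean $manage_dir = false,
  String $rndc_key_file = '/etc/rndc.key',
  String $directory = '/var/named',
  String $checkzone = '/usr/bin/named-checkzone',
  String $checkconf = '/usr/bin/named-checkconf',
  Hash[String, Dns::Keyentry] $keys = {},
  Hash[String, Dns::Zoneentry] $zones = {},
  String $packagename = 'bind9',
  Boolean $manage_package = true,
  String $servicename = 'named',
  String $rndc = '/usr/bin/rndc',
  String $rndc_confgen = '/usr/bin/rndc-confgen',
  String $user = 'bind',
) {
  # Zone data and journal files live below the server's working directory.
  $zone_directory = "${directory}/zones"
  $jnl_directory = "${directory}/journal"

  if $manage_package {
    # The package provides the binaries and the service user, so it has to be
    # in place before files are chowned to $user, before rndc-confgen runs and
    # before the configuration is validated; state that explicitly rather than
    # relying on the agent's ordering setting.
    package { $packagename:
      ensure => installed,
      before => [File[$directory], Exec['Setup rndc key'], Concat[$config_file]],
    }
    # TODO: bind9-dnsutils (client tools) is not managed by this module.
  }

  file { $directory:
    ensure => directory,
    owner  => $user,
    mode   => 'u+rwx',
  }

  # The zone directory is owned entirely by this module: anything that is not
  # declared through dns::zone is removed from it.
  file { $zone_directory:
    ensure  => directory,
    recurse => true,
    purge   => true,
    owner   => $user,
    mode    => 'u+rwx',
  }

  file { $jnl_directory:
    ensure => directory,
    owner  => $user,
    mode   => 'u+rwx',
  }

  service { $servicename:
    ensure => running,
    enable => true,
  }

  create_resources(dns::key, $keys)
  create_resources(dns::zone, $zones)

  if $manage_dir {
    file { $config_dir:
      ensure  => directory,
      recurse => true,
      purge   => true,
    }
  }

  # The rndc key is a shared secret between rndc and named. It is generated
  # once (`creates` keeps the exec idempotent), owned by the server user and
  # readable by nobody else; the service may only start once the key exists.
  exec { 'Setup rndc key':
    command => [$rndc_confgen, '-a', '-u', $user],
    creates => $rndc_key_file,
  }
  -> file { $rndc_key_file:
    ensure => file,
    owner  => $user,
    mode   => '0600',
  }
  -> Service[$servicename]

  # Banner placed at the top of the generated configuration file.
  $warn = @(EOF)
    #
    # File managed by Puppet. Local changes WILL be overwritten.
    #
    | EOF

  # The assembled file only replaces the current configuration when
  # named-checkconf accepts it (% expands to the temporary file being checked).
  concat { $config_file:
    ensure_newline => true,
    validate_cmd   => "${checkconf} %",
    notify         => Service[$servicename],
    warn           => $warn,
  }

  concat::fragment { 'named.conf main configuration':
    target  => $config_file,
    content => epp("${module_name}/named.conf.epp"),
    order   => '01',
  }

  concat::fragment { 'named.conf rndc configuration':
    target  => $config_file,
    content => epp("${module_name}/named-rndc.conf.epp"),
    order   => '05',
  }
}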