# @summary sets up a DNS server
#
# @param config_file
# Bind9 configuration file
# @param directory
# Maps to bind9 directory. Base for all relative paths.
# @param checkzone
# Absolute path to named-checkzone binary
# @param checkconf
# Absolute path to named-checkconf binary
# @param packagename
# Name of the bind9 system package
# @param manage_package
# Should the bind9 system package be managed by this module.
# @param rndc
# Absolute path to rndc binary
# @param keys
# Dns::Key resources to create
# @param zones
# Dns::Zones resources to create
# @param rndc_key_file
# Location of rndc key. Note that this doesn't change where it ends up, but rather where we expect it to end up.
# Key will be generated through `rndc-confgen -a`.
# @param servicename
# Name of the system service to manage
# @param rndc_confgen
# Path to rndc-confgen binary
# @param config_dir
# Directory for extra configuration files. Some systems place the
# default configuration file inside this directory.
# @param manage_dir
# Should the configuration dir be managed by this module.
# @param user
# System user which runs the server.
# Only used to set permissions for files, so MUST be set to what
# the system already expects.
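class dns (
  String $config_file = '/etc/named.conf',
  String $config_dir = '/etc/named.d',
  Boolean $manage_dir = false,
  String $rndc_key_file = '/etc/rndc.key',
  String $directory = '/var/named',
  String $checkzone = '/usr/bin/named-checkzone',
  String $checkconf = '/usr/bin/named-checkconf',
  Hash[String, Dns::Keyentry] $keys = {},
  Hash[String, Dns::Zoneentry] $zones = {},
  String $packagename = 'bind9',
  Boolean $manage_package = true,
  String $servicename = 'named',
  String $rndc = '/usr/bin/rndc',
  String $rndc_confgen = '/usr/bin/rndc-confgen',
  String $user = 'bind',
) {
  # Zone files and journals live in fixed subdirectories of $directory.
  $zone_directory = "${directory}/zones"
  $jnl_directory = "${directory}/journal"

  if $manage_package {
    package { $packagename:
      ensure => installed,
    }
    # bind9-dnsutils
  }

  # The modes below are symbolic: only the owner bits are stated, so the
  # group/other bits are not set explicitly by this class.
  file { $directory:
    ensure => directory,
    owner  => $user,
    mode   => 'u+rwx',
  }

  # recurse + purge: anything in the zone directory that is not managed by
  # Puppet is removed, so zone data only comes from declared resources.
  file { $zone_directory:
    ensure  => directory,
    recurse => true,
    purge   => true,
    owner   => $user,
    mode    => 'u+rwx',
  }

  file { $jnl_directory:
    ensure => directory,
    owner  => $user,
    mode   => 'u+rwx',
  }

  service { $servicename:
    ensure => running,
    enable => true,
  }

  create_resources('dns::key', $keys)
  create_resources('dns::zone', $zones)

  if $manage_dir {
    # Same purge semantics as the zone directory: unmanaged drop-in
    # configuration files are deleted.
    file { $config_dir:
      ensure  => directory,
      recurse => true,
      purge   => true,
    }
  }

  # Generate the rndc control key once; `creates` skips the command when the
  # key file already exists. The command is passed as an array, so no shell
  # is involved in building the argument list.
  exec { 'Setup rndc key':
    command => [$rndc_confgen, '-a', '-u', $user],
    creates => $rndc_key_file,
  }
  # The rndc key authorises control commands against the running server, so
  # make sure it never carries permissions for "other", regardless of how the
  # file came to exist. Owner and group bits are left as found.
  -> file { $rndc_key_file:
    ensure => file,
    mode   => 'o-rwx',
  }

  # The assembled configuration is checked with named-checkconf before it
  # replaces $config_file (`%` stands for the candidate file), and a change
  # notifies the service.
  concat { $config_file:
    ensure_newline => true,
    warn           => '# File managed by Puppet. Local changes WILL be overwritten',
    validate_cmd   => "${checkconf} %",
    notify         => Service[$servicename],
  }

  # NOTE(review): both templates are rendered without explicit parameters;
  # presumably they read this class's variables from scope - confirm.
  concat::fragment { 'named.conf main configuration':
    target  => $config_file,
    content => epp("${module_name}/named.conf.epp"),
    order   => '01',
  }

  concat::fragment { 'named.conf rndc configuration':
    target  => $config_file,
    content => epp("${module_name}/named-rndc.conf.epp"),
    order   => '05',
  }
}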