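# @summary
#   Manages one BIND zone: assembles the zone file, adds the zone's stanza to
#   the DNS configuration file, and freezes/thaws or reloads the zone through
#   rndc when the zone file changes.
#
# @param zone
#   Domain this zone controls.
# @param mname
#   Primary master
# @param rname
#   mail to zone admin
# @param retry
#   Retry value for zone
# @param expire
#   Expire value for zone
# @param negative_ttl
#   Negative ttl for zone
# @param ttl
#   Default ttl for zone
# @param refresh
#   Refresh value for SOA
# @param records
#   List of records to create. Instantiates Dns::Record resources.
# @param ns
#   List of nameservers for this zone. Creates Dns::Record resources
#   with NS entries.
# @param type
#   Zonetype. master, slave, ...
# @param update_policy
#   A bind9 update policy, as a string.
# @param dynamic
#   Whether this zone should be treated as a dynamic zone. If
#   enabled rndc freezes and thaws the zone around static updates.
#   Otherwise the zone file will be directly changed, and simply
#   reloaded afterwards.
#
#   Defaults to true if an update_policy is set.
define dns::zone (
  String                  $mname,
  String                  $rname,
  Dns::Ttl                $refresh       = '24h',
  Dns::Ttl                $retry         = '2h',
  Dns::Ttl                $expire        = '1000h',
  Dns::Ttl                $negative_ttl  = '2d',
  Dns::Ttl                $ttl           = '24h',
  String                  $zone          = $name,
  Array[Dns::RecordEntry] $records       = [],
  Array[String]           $ns            = [],
  String                  $type          = 'master',
  Optional[String]        $update_policy = undef,
  Boolean                 $dynamic       = $update_policy != undef,
) {
  $zone_ = dns::ensure_ending_period($zone)

  # NOTE(review): $zone is an unconstrained String that ends up in a file path
  # and, single-quoted, in the validate_cmd command line. A value containing a
  # quote, whitespace or a path separator would change the command or the
  # target path. Zone names normally come from trusted manifests/Hiera, but a
  # pattern-restricted type on $zone would make that assumption explicit.
  concat { "${dns::zone_directory}/${zone}.db":
    validate_cmd   => "${dns::checkzone} '${zone}' %",
    ensure_newline => true,
    require        => if $dynamic { Exec["Dns::zone freeze ${zone}"] } else { undef },
  }

  # Current serial as reported by the dns_zone_serial fact for this zone
  # (0 when the fact has no entry); the SOA below is written with serial + 1.
  $zone_serial = $facts.get("dns_zone_serial.'${zone_}'", 0)

  # NOTE(review): $retry is accepted as a parameter but is not handed to the
  # zone.epp template here — confirm whether the template expects it.
  concat::fragment { "Dns::Record - ${zone} - SOA":
    target  => "${dns::zone_directory}/${zone}.db",
    order   => '01',
    content => epp("${module_name}/zone.epp", {
        zone         => $zone_,
        mname        => dns::ensure_ending_period($mname),
        rname        => dns::convert_to_rname($rname),
        serial       => $zone_serial + 1,
        refresh      => $refresh,
        expire       => $expire,
        negative_ttl => $negative_ttl,
        default_ttl  => $ttl,
    }),
  }

  # NOTE(review): $type and $update_policy are free-form strings passed to the
  # zoneconf.epp template; how they are quoted in the generated configuration
  # depends on that template, so they should only come from trusted data.
  concat::fragment { "Dns::Zone - ${zone}":
    target  => $dns::config_file,
    content => epp("${module_name}/zoneconf.epp", {
        zone          => $zone_,
        type          => $type,
        update_policy => $update_policy,
    }),
  }

  # One NS record resource per nameserver. The title spelling is kept as-is
  # because resource titles are identifiers other code may reference.
  # NOTE(review): the nameserver only appears in the title; confirm that
  # dns::record derives the record data from it.
  $ns.each |$nameserver| {
    dns::record { "Dns::Zore - record - ${zone} NS ${nameserver}":
      type => 'NS',
      zone => $zone,
    }
  }

  # Build the title => parameters hash that create_resources expects.
  # `each` returns the array it iterated over, not the lambda results, so the
  # hash has to be accumulated with `reduce`.
  $fixed_records = $records.reduce({}) |$memo, $record| {
    $memo + {
      "Dns::Zone - record - ${zone} - ${record['class']} ${record['type']} ${record['key']} ${record['value']}"
        => $record + { dns_name => $record['key'] },
    }
  }

  create_resources(dns::record, $fixed_records, {
      zone => $zone,
  })

  # The rndc calls use the array form of `command`, so $zone is passed as a
  # single argument rather than being parsed as part of a command string.
  if $dynamic {
    # NOTE(review): this exec is refreshonly and nothing in this define sends
    # it a refresh event; confirm something elsewhere notifies it, otherwise
    # the zone file is rewritten without a preceding freeze.
    exec { "Dns::zone freeze ${zone}":
      command     => [$dns::rndc, 'freeze', $zone],
      refreshonly => true,
    }

    exec { "Dns::zone thaw ${zone}":
      command     => [$dns::rndc, 'thaw', $zone],
      refreshonly => true,
      subscribe   => Concat["${dns::zone_directory}/${zone}.db"],
    }
  } else {
    exec { "Dns::zone reload ${zone}":
      command     => [$dns::rndc, 'reload', $zone],
      refreshonly => true,
      subscribe   => Concat["${dns::zone_directory}/${zone}.db"],
    }
  }
}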