feat: add dns resolver/master classes
- define resolver and master dns server - export A and PTR records from dns clients - collect exported resources for master - create hiera structure for acls, zones and views
@@ -0,0 +1,34 @@
|
||||
# profiles::dns::client
|
||||
define profiles::dns::client (
|
||||
Integer $ttl = 600,
|
||||
String $intf = $facts['networking']['primary'],
|
||||
String $addr = $facts['networking']['ip'],
|
||||
String $fqdn = $facts['networking']['fqdn'],
|
||||
Boolean $forward = true,
|
||||
Boolean $reverse = true,
|
||||
){
|
||||
|
||||
if $forward {
|
||||
@@resource_record { "${fqdn}_${intf}-a":
|
||||
ensure => present,
|
||||
record => $::facts['networking']['fqdn'],
|
||||
type => 'A',
|
||||
data => [$::facts['networking']['ip']],
|
||||
ttl => $ttl,
|
||||
zone => "${::facts['networking']['domain']}-master",
|
||||
tag => 'master-a-record',
|
||||
}
|
||||
}
|
||||
|
||||
if $reverse {
|
||||
@@resource_record { "${fqdn}_${addr}-ptr":
|
||||
ensure => present,
|
||||
record => $::facts['arpa'][$intf]['addr'],
|
||||
type => 'PTR',
|
||||
data => [$fqdn],
|
||||
ttl => $ttl,
|
||||
zone => "${::facts['arpa'][$intf]['zone']}-master",
|
||||
tag => 'master-ptr-record',
|
||||
}
|
||||
}
|
||||
}
|
||||
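Review bot: The A record sets `record => $::facts['networking']['fqdn']` and `data => [$::facts['networking']['ip']]`, ignoring the `$fqdn` and `$addr` parameters, so overriding them changes only the resource title while the exported record still carries the fact values; the PTR block already uses `$fqdn`. Use `record => $fqdn,` and `data => [$addr],` so the two records agree. Both the name and the address come from agent-reported facts, so if the master must not accept a name the node does not own, consider defaulting `$fqdn` from `$trusted['certname']`, assuming certnames are FQDNs in this environment. The PTR block also depends on an `arpa` fact keyed by `$intf` that is not defined in this commit, so a comment naming where that fact comes from would help.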
@@ -0,0 +1,27 @@
|
||||
# profiles::dns::master authoritative service
|
||||
class profiles::dns::master (
|
||||
Hash $acls = {},
|
||||
Hash $zones = {},
|
||||
Hash $views = {},
|
||||
Hash[
|
||||
String,
|
||||
String
|
||||
] $tags = {},
|
||||
Boolean $dnssec = false,
|
||||
){
|
||||
|
||||
class {'profiles::dns::server':
|
||||
acls => $acls,
|
||||
zones => $zones,
|
||||
views => $views,
|
||||
forwarders => [],
|
||||
dnssec => $dnssec,
|
||||
}
|
||||
|
||||
# collect records
|
||||
$tags.each | String $key, String $tag_value | {
|
||||
if $tag_value != undef {
|
||||
Resource_record <<| tag == $tag_value |>>
|
||||
}
|
||||
}
|
||||
}
|
||||
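Review bot: The collector `Resource_record <<| tag == $tag_value |>>` realises every exported record carrying the tag, from any node that exported one, with no constraint on which zone or name it writes; because the client builds those records from agent-reported facts, the authoritative zone is only as trustworthy as every exporting node. Consider narrowing the query to the zones this master actually serves with an extra `and zone == ...` clause, and add a comment such as `# collects records exported by profiles::dns::client; names and addresses are agent-supplied`. The `if $tag_value != undef` guard can never be false, since both `Hash[String, String]` and the lambda signature already require a String, so it can be dropped. `$dnssec` defaults to `false` here while `profiles::dns::server` defaults it to `true`; a comment explaining why the authoritative server opts out would make that deliberate.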
@@ -0,0 +1,16 @@
|
||||
# profiles::dns::resolver
|
||||
class profiles::dns::resolver (
|
||||
Hash $acls = {},
|
||||
Hash $zones = {},
|
||||
Hash $views = {},
|
||||
Array $forwarders = ['8.8.8.8', '1.1.1.1'],
|
||||
){
|
||||
|
||||
class {'profiles::dns::server':
|
||||
acls => $acls,
|
||||
zones => $zones,
|
||||
views => $views,
|
||||
forwarders => $forwarders,
|
||||
}
|
||||
|
||||
}
|
||||
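Review bot: `Array $forwarders = ['8.8.8.8', '1.1.1.1']` makes every resolver forward its recursive queries to public third-party resolvers unless hiera overrides it, which sends internal lookup names outside the network by default; taking the forwarders from site data, with no public fallback in code, would avoid that. `$acls` also defaults to `{}` and nothing in this class restricts which clients may recurse; whether the `bind` module applies a restrictive default is not visible here, so confirm the resolver does not answer recursion for arbitrary sources. `dnssec` is not passed, so the server default of `true` applies implicitly; writing `dnssec => true,` in the declaration would make that intentional.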
@@ -0,0 +1,44 @@
|
||||
# profiles::dns::server
|
||||
class profiles::dns::server (
|
||||
Hash $acls = {},
|
||||
Hash $zones = {},
|
||||
Hash $views = {},
|
||||
Array $forwarders = ['8.8.8.8', '1.1.1.1'],
|
||||
Boolean $dnssec = true,
|
||||
){
|
||||
|
||||
# if forwarders are empty, set it to undef
|
||||
if $forwarders == [] {
|
||||
$use_forwarders = undef
|
||||
}else{
|
||||
$use_forwarders = $forwarders
|
||||
}
|
||||
|
||||
# setup base bind server
|
||||
class { 'bind':
|
||||
forwarders => $use_forwarders,
|
||||
dnssec => $dnssec,
|
||||
version => 'Controlled by Puppet',
|
||||
}
|
||||
|
||||
# if acls, import them
|
||||
$acls.each | $name, $data | {
|
||||
bind::acl { $name:
|
||||
* => $data,
|
||||
}
|
||||
}
|
||||
|
||||
# if zones, import them
|
||||
$zones.each | $name, $data | {
|
||||
bind::zone { $name:
|
||||
* => $data,
|
||||
}
|
||||
}
|
||||
|
||||
# if views, import them
|
||||
$views.each | $name, $data | {
|
||||
bind::view { $name:
|
||||
* => $data,
|
||||
}
|
||||
}
|
||||
}
|
||||
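Review bot: `Hash $acls`, `Hash $zones` and `Hash $views` accept any hash, and each value is splatted into `bind::acl`, `bind::zone` and `bind::view` with `* => $data`, so a malformed hiera entry is only caught inside the splat; declaring them as `Hash[String[1], Hash]` rejects bad data at the class boundary. `Array $forwarders` could likewise be `Array[String[1]]`. The public-resolver default is duplicated here and in `profiles::dns::resolver`, so any direct use of this class also forwards to third parties; keeping the default in one place, or defaulting to `[]` here, would make that choice explicit. The empty check reads more directly as `$use_forwarders = $forwarders.empty ? { true => undef, default => $forwarders }`.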