From f8fd6700dabe4fc7a6ed2ce7ef63710b51e08c44 Mon Sep 17 00:00:00 2001 From: Ben Vincent Date: Tue, 23 Apr 2024 22:39:33 +1000 Subject: [PATCH] feat: enable selecting nameserver by fact - enable selecting nameservers to use by region, country or all - set default for nameservers to be region --- hieradata/common.yaml | 1 + site/profiles/manifests/dns/base.pp | 16 ++++++++++++---- 2 files changed, 13 insertions(+), 4 deletions(-) diff --git a/hieradata/common.yaml b/hieradata/common.yaml index 185780a..9dd7df2 100644 --- a/hieradata/common.yaml +++ b/hieradata/common.yaml @@ -57,6 +57,7 @@ profiles::base::puppet_servers: profiles::dns::master::basedir: '/var/named/sources' profiles::dns::base::ns_role: 'roles::infra::dns::resolver' +profiles::dns::base::use_ns: 'region' profiles::packages::install: - bash-completion diff --git a/site/profiles/manifests/dns/base.pp b/site/profiles/manifests/dns/base.pp index 6bd2458..dcb43af 100644 --- a/site/profiles/manifests/dns/base.pp +++ b/site/profiles/manifests/dns/base.pp @@ -3,16 +3,24 @@ class profiles::dns::base ( String $ns_role = undef, Array $search = [], Array $nameservers = ['8.8.8.8', '1.1.1.1'], + Enum[ + 'all', + 'region', + 'country' + ] $use_ns = 'all', ){ # install bind_utils include bind::updater # if ns_role is set, find all hosts matching that enc_role - if $ns_role == undef { - $nameserver_array = $nameservers - }else{ - $nameserver_array = query_nodes("enc_role='${ns_role}'", 'networking.ip') + $nameserver_array = $ns_role ? { + undef => $nameservers, + default => $use_ns ? { + 'all' => query_nodes("enc_role='${ns_role}'", 'networking.ip'), + 'region' => query_nodes("enc_role='${ns_role}' and region=${facts['region']}", 'networking.ip'), + 'country' => query_nodes("enc_role='${ns_role}' and country=${facts['country']}", 'networking.ip'), + } } # if search is undef, fallback to domainname from facts