unkin/puppet-prod
2
0
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases Wiki Activity

promote develop to master #6

Merged
unkinben merged 449 commits from develop into master 2024-06-01 14:48:48 +10:00
Conversation 0 Commits 449 Files Changed 291 +22 -6
2 changed files with 22 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit b8d799e8e9 - Show all commits

6
hieradata/roles/infra/dns/master.yaml
View File

@ -1,8 +1,6 @@
--- ---
profiles::dns::master::nameservers: profiles::dns::master::ns_role: roles::infra::dns::master
- prodinf01n23.main.unkin.net profiles::dns::master::use_ns: region
- prodinf01n24.main.unkin.net
profiles::dns::master::acls: profiles::dns::master::acls:
acl-main.unkin.net: acl-main.unkin.net:
addresses: addresses:

22
site/profiles/manifests/dns/master.pp
View File

@ -1,6 +1,5 @@
# profiles::dns::master authoritative service # profiles::dns::master authoritative service
class profiles::dns::master ( class profiles::dns::master (
Array[String] $nameservers,
Stdlib::AbsolutePath $basedir, Stdlib::AbsolutePath $basedir,
Hash $acls = {}, Hash $acls = {},
Hash $zones = {}, Hash $zones = {},
@ -13,8 +12,27 @@ class profiles::dns::master (
String $owner = 'root', String $owner = 'root',
String $group = 'named', String $group = 'named',
Boolean $dnssec = false, Boolean $dnssec = false,
Variant[String, Undef] $ns_role = undef,
Enum['all', 'region', 'country'] $use_ns = 'all',
){ ){
# if ns_role is set, find all hosts matching that enc_role, otherwise use the current host
$nameservers_array = $ns_role ? {
undef => [$facts['networking']['fqdn']],
default => $use_ns ? {
'all' => query_nodes("enc_role='${ns_role}'", 'networking.fqdn'),
'region' => query_nodes("enc_role='${ns_role}' and region=${facts['region']}", 'networking.fqdn'),
'country' => query_nodes("enc_role='${ns_role}' and country=${facts['country']}", 'networking.fqdn'),
}
}
# if nameservers is empty, use the current host, otherwise use nameservers_array as nameservers
$nameservers = empty($nameservers_array) ? {
true => [$facts['networking']['fqdn']],
false => $nameservers_array,
default => [$facts['networking']['fqdn']],
}
class {'profiles::dns::server': class {'profiles::dns::server':
acls => $acls, acls => $acls,
zones => $zones, zones => $zones,
@ -37,7 +55,7 @@ class profiles::dns::master (
profiles::dns::zone { $name: profiles::dns::zone { $name:
zone => $data['domain'], zone => $data['domain'],
basedir => $basedir, basedir => $basedir,
nameservers => $nameservers, nameservers => sort($nameservers),
owner => $owner, owner => $owner,
group => $group, group => $group,
before => Bind::Zone[$name] before => Bind::Zone[$name]