Implement a helper script for zone reloads

It turns out the `rndc` command that was intended to reload a managed zone
wasn't working (see PR #91 for reference) if more than one view included the
zone. The helper script is really just a wrapper around the `rndc` command
itself: it translates its final parameter into a domain/class/view tuple and
passes the leading parameters and the tuple to `rndc`.
Nate Riffe
2016-07-07 21:15:41 -05:00
parent 9091fd6cab
commit 40531e21eb
6 changed files with 49 additions and 12 deletions
+17 -10
@@ -5,7 +5,6 @@ class bind (
$dnssec = true,
$filter_ipv6 = false,
$version = '',
$rndc = undef,
$statistics_port = undef,
$auth_nxdomain = false,
$include_default_zones = true,
@@ -43,15 +42,21 @@ class bind (
}
}
if $rndc {
# rndc only supports HMAC-MD5
bind::key { 'rndc-key':
algorithm => 'hmac-md5',
secret_bits => '512',
keydir => $confdir,
keyfile => 'rndc.key',
include => false,
}
# rndc only supports HMAC-MD5
bind::key { 'rndc-key':
algorithm => 'hmac-md5',
secret_bits => '512',
keydir => $confdir,
keyfile => 'rndc.key',
include => false,
}
file { '/usr/local/bin/rndc-helper':
ensure => present,
owner => 'root',
group => 'root',
mode => '0755',
content => template('bind/rndc-helper.erb'),
}
file { "${confdir}/zones":
@@ -77,6 +82,8 @@ class bind (
"${confdir}/acls.conf",
"${confdir}/keys.conf",
"${confdir}/views.conf",
"${confdir}/view-mappings.txt",
"${confdir}/domain-mappings.txt",
]:
owner => 'root',
group => $bind_group,
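Review bot: As far as the rendered hunks show, the `$rndc` parameter is dropped in the first hunk and the `if $rndc {` guard in the second, so every node now gets an `rndc-key` and any existing declaration that passes `rndc => ...` would fail to compile with an unknown-parameter error. If the control key is meant to be always provisioned, keep `$rndc = undef,` for one release as a deprecated no-op or call the break out in the changelog; otherwise keep the guard around both `bind::key { 'rndc-key':` and the new `file { '/usr/local/bin/rndc-helper':` resource. The retained comment `# rndc only supports HMAC-MD5` should be re-checked against the BIND versions this module targets, since newer releases accept HMAC-SHA algorithms for the control key; `# HMAC-MD5 kept for older rndc; prefer hmac-sha256 where the installed BIND supports it` would be more accurate. The class body starts and ends outside these hunks.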
+5
@@ -25,4 +25,9 @@ define bind::view (
target => "${::bind::confdir}/views.conf",
content => template('bind/view.erb'),
}
concat::fragment { "bind-view-mappings-${name}":
target => "${::bind::confdir}/view-mappings.txt",
content => template('bind/view-mappings.erb'),
}
}
+5 -1
@@ -115,7 +115,7 @@ define bind::zone (
if $zone_file_mode == 'managed' {
exec { "rndc reload ${_domain}":
command => "/usr/sbin/rndc reload ${_domain}",
command => "/usr/local/bin/rndc-helper reload ${name}",
user => $bind_user,
refreshonly => true,
require => Service['bind'],
@@ -161,4 +161,8 @@ define bind::zone (
require => Package['bind'],
}
concat::fragment { "bind-zone-mapping-${name}":
target => "${::bind::confdir}/domain-mappings.txt",
content => "${name}:${_domain}\n",
}
}
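Review bot: The new `command => "/usr/local/bin/rndc-helper reload ${name}"` and the mapping line `content => "${name}:${_domain}\n"` both embed the resource title unvalidated, so a title containing whitespace or `:` would split into extra helper arguments or produce an ambiguous line in `domain-mappings.txt`. The helper and its parser are not visible here, so how it reacts is an assumption, but rejecting such titles at compile time is cheap, e.g. `validate_re($name, '^[^\s:]+$')` near the top of the define if stdlib is available to this module. The exec title on the unchanged line is still `"rndc reload ${_domain}"` while the command is now keyed on `${name}`, so two zone resources that share a domain would presumably collide on that title. The define body starts outside these hunks.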