From 44b4b45761b6961c8e5f33ff0afcab6f14f2fe20 Mon Sep 17 00:00:00 2001 From: Nate Riffe Date: Wed, 6 Jan 2016 18:43:08 -0600 Subject: [PATCH] Add option to disable default zone inclusion By setting bind::include_default_zones to false, a user can suppress the inclusion of the default definitions for the root hints zone and RFC 1912 zones. These are supplied with the BIND package's default configuration on both Debian and RedHat derived systems. These zones are necessary for a resolver, but may be omitted if the server acts strictly as an authoritative server. --- manifests/init.pp | 4 ++-- manifests/view.pp | 1 + templates/view.erb | 2 +- 3 files changed, 4 insertions(+), 3 deletions(-) diff --git a/manifests/init.pp b/manifests/init.pp index 39bed29..87698dc 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -7,8 +7,8 @@ class bind ( $rndc = undef, $statistics_port = undef, $auth_nxdomain = false, - $include_local = false, $include_default_zones = true, + $include_local = false, ) inherits bind::defaults { File { @@ -62,7 +62,7 @@ class bind ( content => template('bind/named.conf.erb'), } - if $default_zones_source { + if $include_default_zones and $default_zones_source { file { $default_zones_include: source => $default_zones_source, } diff --git a/manifests/view.pp b/manifests/view.pp index dfab715..ca0c09b 100644 --- a/manifests/view.pp +++ b/manifests/view.pp @@ -13,6 +13,7 @@ define bind::view ( ) { $confdir = $::bind::confdir $default_zones_include = $::bind::default_zones_include + $include_default_zones = $::bind::include_default_zones concat::fragment { "bind-view-${name}": order => $order, diff --git a/templates/view.erb b/templates/view.erb index 661c2c3..0adf904 100644 --- a/templates/view.erb +++ b/templates/view.erb @@ -44,7 +44,7 @@ view "<%= @name %>" { }; <%- end -%> <%- end -%> -<%- if @default_zones_include -%> +<%- if @include_default_zones and @default_zones_include -%> include "<%= @default_zones_include %>"; <%- end -%>