Merge pull request #65 from inkblot/defaults-not-params

Turn `params` into `defaults` and formalize it
Nate Riffe 2015-12-26 10:22:38 -06:00
commit 4f04a1f066
10 changed files with 70 additions and 66 deletions


@ -1,10 +1,11 @@
---
bind::params::supported: false
bind::defaults::supported: false
bind::defaults::random_device: '/dev/random'
bind::defaults::rndc: true
bind::forwarders: ''
bind::dnssec: true
bind::version: ''
bind::random_device: '/dev/random'
bind::include_local: false
bind::updater::keydir: '/etc/nsupdate-keys'
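Review bot: `bind::defaults::rndc: true` has no matching parameter in the `bind::defaults` class added by this commit, whose parameter list ends at `$managed_keys_directory`, so automatic data binding will never read this key. The `bind` class still declares `$rndc = undef`, and both platform data files appear to drop their `bind::rndc: true` entries. Unless the class body outside the visible hunk falls back to the default, `$rndc` ends up undef where it used to be true. Either add `$rndc = undef,` to `bind::defaults` and resolve it inside `bind`, or keep the key as `bind::rndc: true`.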


@ -1,13 +1,12 @@
---
bind::params::supported: true
bind::params::bind_user: 'bind'
bind::params::bind_group: 'bind'
bind::params::bind_package: 'bind9'
bind::params::bind_service: 'bind9'
bind::params::nsupdate_package: 'dnsutils'
bind::params::confdir: '/etc/bind'
bind::namedconf: '/etc/bind/named.conf'
bind::cachedir: '/var/cache/bind'
bind::rndc: true
bind::defaults::supported: true
bind::defaults::bind_user: 'bind'
bind::defaults::bind_group: 'bind'
bind::defaults::bind_package: 'bind9'
bind::defaults::bind_service: 'bind9'
bind::defaults::nsupdate_package: 'dnsutils'
bind::defaults::confdir: '/etc/bind'
bind::defaults::namedconf: '/etc/bind/named.conf'
bind::defaults::cachedir: '/var/cache/bind'
bind::updater::keydir: '/etc/bind/keys'


@ -1,14 +1,13 @@
---
bind::params::supported: true
bind::params::bind_user: 'named'
bind::params::bind_group: 'named'
bind::params::bind_package: 'bind'
bind::params::bind_service: 'named'
bind::params::nsupdate_package: 'bind-utils'
bind::params::managed_keys_directory: '/var/named/dynamic'
bind::params::confdir: '/etc/named'
bind::namedconf: '/etc/named.conf'
bind::cachedir: '/var/named'
bind::rndc: true
bind::defaults::supported: true
bind::defaults::bind_user: 'named'
bind::defaults::bind_group: 'named'
bind::defaults::bind_package: 'bind'
bind::defaults::bind_service: 'named'
bind::defaults::nsupdate_package: 'bind-utils'
bind::defaults::managed_keys_directory: '/var/named/dynamic'
bind::defaults::confdir: '/etc/named'
bind::defaults::namedconf: '/etc/named.conf'
bind::defaults::cachedir: '/var/named'
bind::updater::keydir: '/etc/named/keys'

19
manifests/defaults.pp Normal file

@ -0,0 +1,19 @@
# ex: syntax=puppet si ts=4 sw=4 et
class bind::defaults (
$supported = undef,
$confdir = undef,
$namedconf = undef,
$cachedir = undef,
$random_device = undef,
$bind_user = undef,
$bind_group = undef,
$bind_package = undef,
$bind_service = undef,
$nsupdate_package = undef,
$managed_keys_directory = undef,
) {
unless $supported {
fail('Platform is not supported')
}
}
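Review bot: Every parameter of `bind::defaults` now defaults to `undef`, whereas the removed `bind::params` declared `$bind_user`, `$bind_group`, `$confdir` and the others without defaults. A platform data file that sets `supported: true` but omits one of those keys therefore no longer fails at compile time. An undef `$bind_user` or `$bind_group` would then flow into the `owner`/`group`/`user` attributes in `bind::zone` and `bind::key`, leaving file ownership unmanaged and letting the execs run as whatever user the agent runs as. Follow the `unless $supported` guard with a check on the values the module cannot work without, for example `unless $bind_user and $bind_group and $confdir { fail('Incomplete platform defaults') }`. A short header comment saying these values are expected to come from the per-platform Hiera data would also help.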


@ -1,17 +1,14 @@
# ex: syntax=puppet si ts=4 sw=4 et
class bind (
$namedconf = undef,
$cachedir = undef,
$forwarders = undef,
$dnssec = undef,
$version = undef,
$forwarders = '',
$dnssec = true,
$version = '',
$rndc = undef,
$statistics_port = undef,
$random_device = undef,
$include_local = undef,
) inherits bind::params {
$auth_nxdomain = false
$auth_nxdomain = false,
$include_local = false,
) inherits bind::defaults {
File {
ensure => present,


@ -5,13 +5,13 @@ define bind::key (
$secret_bits = 256,
$algorithm = 'hmac-sha256',
$owner = 'root',
$group = $bind::params::bind_group,
$group = $::bind::defaults::bind_group,
$keydir = $::bind::keydir::keydir,
$keyfile = undef,
$include = true,
) {
include bind::params
$confdir = $::bind::params::confdir
# Pull some platform defaults into the local scope
$confdir = $::bind::defaults::confdir
# Generate a key of size $secret_bits if no $secret
$secret_actual = $secret ? {
@ -45,7 +45,7 @@ define bind::key (
concat::fragment { "bind-key-${name}":
order => '10',
target => "${bind::params::confdir}/keys.conf",
target => "${confdir}/keys.conf",
content => "include \"${keydir}/${key_file_name}\";\n",
}
}
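Review bot: The define no longer declares the class it reads from: `include bind::params` is dropped in the first hunk and nothing replaces it, while `$group` and `$confdir` now come from `$::bind::defaults::...`. If a `bind::key` resource is evaluated before `bind::defaults` (nothing in these hunks declares it), both values resolve to undef. The `$group` default then leaves the group unmanaged on whatever resource it is applied to, presumably the key file, and the fragment target becomes `/keys.conf`. Add `include bind::defaults` as the first statement of the body, where the old include was. The body continues outside both hunks, so a later include may already cover `$confdir`, but it would not cover the parameter default.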


@ -1,16 +0,0 @@
# ex: syntax=puppet si ts=4 sw=4 et
class bind::params (
$supported,
$bind_user,
$bind_group,
$bind_package,
$bind_service,
$nsupdate_package,
$managed_keys_directory = undef,
$confdir,
) {
unless $supported {
fail('Platform is not supported')
}
}


@ -2,7 +2,7 @@
class bind::updater (
$keydir = undef,
) inherits bind::params {
) inherits bind::defaults {
if $nsupdate_package {
package { 'nsupdate':


@ -21,8 +21,13 @@ define bind::zone (
) {
# where there is a zone, there is a server
include bind
$cachedir = $::bind::cachedir
$random_device = $::bind::random_device
# Pull some platform defaults into the local scope
$cachedir = $::bind::defaults::cachedir
$random_device = $::bind::defaults::random_device
$bind_user = $::bind::defaults::bind_user
$bind_group = $::bind::defaults::bind_group
$_domain = pick($domain, $name)
unless !($masters != '' and ! member(['slave', 'stub'], $zone_type)) {
@ -75,8 +80,8 @@ define bind::zone (
if member(['init', 'managed', 'allowed'], $zone_file_mode) {
file { "${cachedir}/${name}":
ensure => directory,
owner => $::bind::params::bind_user,
group => $::bind::params::bind_group,
owner => $bind_user,
group => $bind_group,
mode => '0755',
require => Package['bind'],
}
@ -84,8 +89,8 @@ define bind::zone (
if member(['init', 'managed'], $zone_file_mode) {
file { "${cachedir}/${name}/${_domain}":
ensure => present,
owner => $::bind::params::bind_user,
group => $::bind::params::bind_group,
owner => $bind_user,
group => $bind_group,
mode => '0644',
replace => ($zone_file_mode == 'managed'),
source => pick($source, 'puppet:///modules/bind/db.empty'),
@ -96,7 +101,7 @@ define bind::zone (
if $zone_file_mode == 'managed' {
exec { "rndc reload ${_domain}":
command => "/usr/sbin/rndc reload ${_domain}",
user => $::bind::params::bind_user,
user => $bind_user,
refreshonly => true,
require => Service['bind'],
subscribe => File["${cachedir}/${name}/${_domain}"],
@ -113,7 +118,7 @@ define bind::zone (
command => "/usr/local/bin/dnssec-init '${cachedir}' '${name}'\
'${_domain}' '${key_directory}' '${random_device}' '${nsec3_salt}'",
cwd => $cachedir,
user => $::bind::params::bind_user,
user => $bind_user,
creates => "${cachedir}/${name}/${_domain}.signed",
timeout => 0, # crypto is hard
require => [
@ -123,8 +128,8 @@ define bind::zone (
}
file { "${cachedir}/${name}/${_domain}.signed":
owner => $::bind::params::bind_user,
group => $::bind::params::bind_group,
owner => $bind_user,
group => $bind_group,
mode => '0644',
audit => [ content ],
}
@ -133,7 +138,7 @@ define bind::zone (
file { "${::bind::confdir}/zones/${name}.conf":
ensure => present,
owner => 'root',
group => $::bind::params::bind_group,
group => $bind_group,
mode => '0644',
content => template('bind/zone.conf.erb'),
notify => Service['bind'],
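Review bot: `$confdir` is the one platform value this define still reads through the `bind` class. The last hunk keeps `"${::bind::confdir}/zones/${name}.conf"`, while the first hunk pulls `cachedir`, `random_device`, `bind_user` and `bind_group` from `bind::defaults`, and `bind::key` was switched to `$::bind::defaults::confdir`. Whether `$::bind::confdir` resolves depends on inherited variables being reachable under the child class name, which is better not relied on. Add `$confdir = $::bind::defaults::confdir` next to the other locals and use `"${confdir}/zones/${name}.conf"`. The define body starts and ends outside these hunks.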


@ -1,3 +1,3 @@
---
bind::params::confdir: '_CONFDIR_'
bind::namedconf: '_NAMEDCONF_'
bind::defaults::confdir: '_CONFDIR_'
bind::defaults::namedconf: '_NAMEDCONF_'