unkinben/puppet-bind
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add modelines and reformat pp files

Browse Source
This commit is contained in:
Nate Riffe 2014-06-15 10:08:55 -05:00
parent a21da43817
commit c4bc2a1c4a
6 changed files with 231 additions and 216 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
manifests/acl.pp
View File

@ -1,11 +1,13 @@
# ex: syntax=puppet si ts=4 sw=4 et
define bind::acl (
$addresses,
$addresses,
) {
concat::fragment { "bind-acl-${name}":
order => '10',
target => "${bind::params::confdir}/acls.conf",
content => template('bind/acl.erb'),
}
concat::fragment { "bind-acl-${name}":
order => '10',
target => "${bind::params::confdir}/acls.conf",
content => template('bind/acl.erb'),
}
}

170
manifests/init.pp
View File

@ -1,100 +1,102 @@
# ex: syntax=puppet si ts=4 sw=4 et
class bind (
$confdir = $bind::params::confdir,
$cachedir = $bind::params::cachedir,
$forwarders = '',
$dnssec = true,
$version = '',
$confdir = $bind::params::confdir,
$cachedir = $bind::params::cachedir,
$forwarders = '',
$dnssec = true,
$version = '',
) inherits bind::params {
$auth_nxdomain = false
$auth_nxdomain = false
package { $bind::params::bind_package:
ensure => latest,
}
package { $bind::params::bind_package:
ensure => latest,
}
if $dnssec {
file { '/usr/local/bin/dnssec-init':
ensure => present,
owner => 'root',
group => 'root',
mode => '0755',
source => 'puppet:///modules/bind/dnssec-init',
}
}
if $dnssec {
file { '/usr/local/bin/dnssec-init':
ensure => present,
owner => 'root',
group => 'root',
mode => '0755',
source => 'puppet:///modules/bind/dnssec-init',
}
}
service { $bind::params::bind_service:
ensure => running,
enable => true,
hasrestart => true,
hasstatus => true,
require => Package[$bind::params::bind_package],
}
service { $bind::params::bind_service:
ensure => running,
enable => true,
hasrestart => true,
hasstatus => true,
require => Package[$bind::params::bind_package],
}
File {
ensure => present,
owner => 'root',
group => $::bind::params::bind_group,
mode => 0644,
}
file { [ $confdir, "${confdir}/zones" ]:
ensure => directory,
mode => 2755,
purge => true,
recurse => true,
require => Package[$bind::params::bind_package],
}
File {
ensure => present,
owner => 'root',
group => $::bind::params::bind_group,
mode => 0644,
}
file { [ $confdir, "${confdir}/zones" ]:
ensure => directory,
mode => 2755,
purge => true,
recurse => true,
require => Package[$bind::params::bind_package],
}
file { "${confdir}/named.conf":
content => template('bind/named.conf.erb'),
notify => Service[$bind::params::bind_service],
require => Package[$bind::params::bind_package],
}
file { "${confdir}/named.conf":
content => template('bind/named.conf.erb'),
notify => Service[$bind::params::bind_service],
require => Package[$bind::params::bind_package],
}
file { "${confdir}/keys":
ensure => directory,
mode => 0755,
require => Package[$bind::params::bind_package],
}
file { "${confdir}/keys":
ensure => directory,
mode => 0755,
require => Package[$bind::params::bind_package],
}
file { "${confdir}/named.conf.local":
replace => false,
require => Package[$bind::params::bind_package],
}
file { "${confdir}/named.conf.local":
replace => false,
require => Package[$bind::params::bind_package],
}
concat { [
"${confdir}/acls.conf",
"${confdir}/keys.conf",
"${confdir}/views.conf",
]:
owner => 'root',
group => $bind::params::bind_group,
mode => '0644',
notify => Service[$bind::params::bind_service],
require => Package[$bind::params::bind_package],
}
concat { [
"${confdir}/acls.conf",
"${confdir}/keys.conf",
"${confdir}/views.conf",
]:
owner => 'root',
group => $bind::params::bind_group,
mode => '0644',
notify => Service[$bind::params::bind_service],
require => Package[$bind::params::bind_package],
}
concat::fragment { "named-acls-header":
order => '00',
target => "${confdir}/acls.conf",
content => "# This file is managed by puppet - changes will be lost\n",
}
concat::fragment { "named-acls-header":
order => '00',
target => "${confdir}/acls.conf",
content => "# This file is managed by puppet - changes will be lost\n",
}
concat::fragment { "named-keys-header":
order => '00',
target => "${confdir}/keys.conf",
content => "# This file is managed by puppet - changes will be lost\n",
}
concat::fragment { "named-keys-header":
order => '00',
target => "${confdir}/keys.conf",
content => "# This file is managed by puppet - changes will be lost\n",
}
concat::fragment { "named-keys-rndc":
order => '99',
target => "${confdir}/keys.conf",
content => "#include \"${confdir}/rndc.key\"\n",
}
concat::fragment { "named-keys-rndc":
order => '99',
target => "${confdir}/keys.conf",
content => "#include \"${confdir}/rndc.key\"\n",
}
concat::fragment { "named-views-header":
order => '00',
target => "${confdir}/views.conf",
content => "# This file is managed by puppet - changes will be lost\n",
}
concat::fragment { "named-views-header":
order => '00',
target => "${confdir}/views.conf",
content => "# This file is managed by puppet - changes will be lost\n",
}
}

41
manifests/key.pp
View File

@ -1,21 +1,26 @@
# ex: syntax=puppet si ts=4 sw=4 et
define bind::key (
$algorithm = 'hmac-sha256',
$secret,
$owner = 'root',
$group = $bind::params::bind_group,
$algorithm = 'hmac-sha256',
$secret,
$owner = 'root',
$group = $bind::params::bind_group,
path = "${::bind::confdir}/keys"
) {
file { "${bind::confdir}/keys/${name}":
ensure => present,
owner => $owner,
group => $group,
mode => '0640',
content => template('bind/key.conf.erb'),
notify => Service[$bind::params::bind_service],
require => Package[$bind::params::bind_package],
}
concat::fragment { "bind-key-${name}":
order => '10',
target => "${bind::confdir}/keys.conf",
content => "include \"${bind::confdir}/keys/${name}\";\n",
}
file { "${path}/${name}":
ensure => present,
owner => $owner,
group => $group,
mode => '0640',
content => template('bind/key.conf.erb'),
notify => Service[$bind::params::bind_service],
require => Package[$bind::params::bind_package],
}
if (defined(Class['bind'])) {
concat::fragment { "bind-key-${name}":
order => '10',
target => "${bind::confdir}/keys.conf",
content => "include \"${bind::confdir}/keys/${name}\";\n",
}
}
}

58
manifests/params.pp
View File

@ -1,33 +1,35 @@
# ex: syntax=puppet si ts=4 sw=4 et
class bind::params {
case $::osfamily {
'Debian': {
$bind_package = 'bind9'
$bind_service = 'bind9'
$confdir = '/etc/bind'
$cachedir = '/var/cache/bind'
$bind_user = 'bind'
$bind_group = 'bind'
case $::osfamily {
'Debian': {
$bind_package = 'bind9'
$bind_service = 'bind9'
$confdir = '/etc/bind'
$cachedir = '/var/cache/bind'
$bind_user = 'bind'
$bind_group = 'bind'
file { [
"${confdir}/bind.keys",
"${confdir}/db.empty",
"${confdir}/db.local",
"${confdir}/db.root",
"${confdir}/db.0",
"${confdir}/db.127",
"${confdir}/db.255",
"${confdir}/named.conf.default-zones",
"${confdir}/rndc.key",
"${confdir}/zones.rfc1918",
]:
ensure => present,
require => Package[$bind_package],
}
}
default: {
fail("Operating system is not supported ${::osfamily}")
}
}
file { [
"${confdir}/bind.keys",
"${confdir}/db.empty",
"${confdir}/db.local",
"${confdir}/db.root",
"${confdir}/db.0",
"${confdir}/db.127",
"${confdir}/db.255",
"${confdir}/named.conf.default-zones",
"${confdir}/rndc.key",
"${confdir}/zones.rfc1918",
]:
ensure => present,
require => Package[$bind_package],
}
}
default: {
fail("Operating system is not supported ${::osfamily}")
}
}
}

26
manifests/view.pp
View File

@ -1,14 +1,16 @@
define bind::view (
$match_clients = 'any',
$match_destinations = '',
$zones = [],
$recursion = true,
) {
$confdir = $bind::params::confdir
# ex: syntax=puppet si ts=4 sw=4 et
concat::fragment { "bind-view-${name}":
order => '10',
target => "${bind::params::confdir}/views.conf",
content => template('bind/view.erb'),
}
define bind::view (
$match_clients = 'any',
$match_destinations = '',
$zones = [],
$recursion = true,
) {
$confdir = $bind::params::confdir
concat::fragment { "bind-view-${name}":
order => '10',
target => "${bind::params::confdir}/views.conf",
content => template('bind/view.erb'),
}
}

138
manifests/zone.pp
View File

@ -1,79 +1,81 @@
# ex: syntax=puppet si ts=4 sw=4 et
define bind::zone (
$zone_type,
$domain = '',
$masters = '',
$allow_updates = '',
$allow_transfers = '',
$dnssec = false,
$key_directory = '',
$ns_notify = true,
$also_notify = '',
$allow_notify = '',
$forwarders = '',
$forward = '',
$zone_type,
$domain = '',
$masters = '',
$allow_updates = '',
$allow_transfers = '',
$dnssec = false,
$key_directory = '',
$ns_notify = true,
$also_notify = '',
$allow_notify = '',
$forwarders = '',
$forward = '',
) {
$cachedir = $bind::cachedir
$cachedir = $bind::cachedir
if $domain == '' {
$_domain = $name
} else {
$_domain = $domain
}
if $domain == '' {
$_domain = $name
} else {
$_domain = $domain
}
$has_zone_file = $zone_type ? {
'master' => true,
'slave' => true,
'hint' => true,
'stub' => true,
default => false,
}
$has_zone_file = $zone_type ? {
'master' => true,
'slave' => true,
'hint' => true,
'stub' => true,
default => false,
}
if $has_zone_file {
file { "${cachedir}/${name}":
ensure => directory,
owner => $bind::params::bind_user,
group => $bind::params::bind_group,
mode => '0755',
require => Package[$bind::params::bind_package],
}
if $has_zone_file {
file { "${cachedir}/${name}":
ensure => directory,
owner => $bind::params::bind_user,
group => $bind::params::bind_group,
mode => '0755',
require => Package[$bind::params::bind_package],
}
file { "${cachedir}/${name}/${_domain}":
ensure => present,
owner => $bind::params::bind_user,
group => $bind::params::bind_group,
mode => '0644',
replace => false,
source => 'puppet:///modules/bind/db.empty',
audit => [ content ],
}
file { "${cachedir}/${name}/${_domain}":
ensure => present,
owner => $bind::params::bind_user,
group => $bind::params::bind_group,
mode => '0644',
replace => false,
source => 'puppet:///modules/bind/db.empty',
audit => [ content ],
}
if $dnssec {
exec { "dnssec-keygen-${name}":
command => "/usr/local/bin/dnssec-init '${cachedir}' '${name}' '${_domain}' '${key_directory}'",
cwd => $cachedir,
user => $bind::params::bind_user,
creates => "${cachedir}/${name}/${_domain}.signed",
timeout => 0, # crypto is hard
require => [ File['/usr/local/bin/dnssec-init'], File["${cachedir}/${name}/${_domain}"] ],
}
if $dnssec {
exec { "dnssec-keygen-${name}":
command => "/usr/local/bin/dnssec-init '${cachedir}' '${name}' '${_domain}' '${key_directory}'",
cwd => $cachedir,
user => $bind::params::bind_user,
creates => "${cachedir}/${name}/${_domain}.signed",
timeout => 0, # crypto is hard
require => [ File['/usr/local/bin/dnssec-init'], File["${cachedir}/${name}/${_domain}"] ],
}
file { "${cachedir}/${name}/${_domain}.signed":
owner => $bind::params::bind_user,
group => $bind::params::bind_group,
mode => '0644',
audit => [ content ],
}
}
}
file { "${cachedir}/${name}/${_domain}.signed":
owner => $bind::params::bind_user,
group => $bind::params::bind_group,
mode => '0644',
audit => [ content ],
}
}
}
file { "${bind::confdir}/zones/${name}.conf":
ensure => present,
owner => 'root',
group => $bind::params::bind_group,
mode => '0644',
content => template('bind/zone.conf.erb'),
notify => Service[$bind::params::bind_service],
require => Package[$bind::params::bind_package],
}
file { "${bind::confdir}/zones/${name}.conf":
ensure => present,
owner => 'root',
group => $bind::params::bind_group,
mode => '0644',
content => template('bind/zone.conf.erb'),
notify => Service[$bind::params::bind_service],
require => Package[$bind::params::bind_package],
}
}