Merge pull request #100 from inkblot/rndc-helper
Implement a helper script for zone reloads
This commit is contained in:
+17
-10
@@ -5,7 +5,6 @@ class bind (
|
||||
$dnssec = true,
|
||||
$filter_ipv6 = false,
|
||||
$version = '',
|
||||
$rndc = undef,
|
||||
$statistics_port = undef,
|
||||
$auth_nxdomain = false,
|
||||
$include_default_zones = true,
|
||||
@@ -43,15 +42,21 @@ class bind (
|
||||
}
|
||||
}
|
||||
|
||||
if $rndc {
|
||||
# rndc only supports HMAC-MD5
|
||||
bind::key { 'rndc-key':
|
||||
algorithm => 'hmac-md5',
|
||||
secret_bits => '512',
|
||||
keydir => $confdir,
|
||||
keyfile => 'rndc.key',
|
||||
include => false,
|
||||
}
|
||||
# rndc only supports HMAC-MD5
|
||||
bind::key { 'rndc-key':
|
||||
algorithm => 'hmac-md5',
|
||||
secret_bits => '512',
|
||||
keydir => $confdir,
|
||||
keyfile => 'rndc.key',
|
||||
include => false,
|
||||
}
|
||||
|
||||
file { '/usr/local/bin/rndc-helper':
|
||||
ensure => present,
|
||||
owner => 'root',
|
||||
group => 'root',
|
||||
mode => '0755',
|
||||
content => template('bind/rndc-helper.erb'),
|
||||
}
|
||||
|
||||
file { "${confdir}/zones":
|
||||
@@ -77,6 +82,8 @@ class bind (
|
||||
"${confdir}/acls.conf",
|
||||
"${confdir}/keys.conf",
|
||||
"${confdir}/views.conf",
|
||||
"${confdir}/view-mappings.txt",
|
||||
"${confdir}/domain-mappings.txt",
|
||||
]:
|
||||
owner => 'root',
|
||||
group => $bind_group,
|
||||
|
||||
@@ -25,4 +25,9 @@ define bind::view (
|
||||
target => "${::bind::confdir}/views.conf",
|
||||
content => template('bind/view.erb'),
|
||||
}
|
||||
|
||||
concat::fragment { "bind-view-mappings-${name}":
|
||||
target => "${::bind::confdir}/view-mappings.txt",
|
||||
content => template('bind/view-mappings.erb'),
|
||||
}
|
||||
}
|
||||
|
||||
+6
-2
@@ -114,8 +114,8 @@ define bind::zone (
|
||||
}
|
||||
|
||||
if $zone_file_mode == 'managed' {
|
||||
exec { "rndc reload ${_domain}":
|
||||
command => "/usr/sbin/rndc reload ${_domain}",
|
||||
exec { "rndc reload ${name}":
|
||||
command => "/usr/local/bin/rndc-helper reload ${name}",
|
||||
user => $bind_user,
|
||||
refreshonly => true,
|
||||
require => Service['bind'],
|
||||
@@ -161,4 +161,8 @@ define bind::zone (
|
||||
require => Package['bind'],
|
||||
}
|
||||
|
||||
concat::fragment { "bind-zone-mapping-${name}":
|
||||
target => "${::bind::confdir}/domain-mappings.txt",
|
||||
content => "${name}:${_domain}\n",
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user