Merge pull request #100 from inkblot/rndc-helper

Implement a helper script for zone reloads

data/common.yaml

@@ -1,7 +1,6 @@
 ---
 bind::defaults::supported: false
 bind::defaults::random_device: '/dev/random'
-bind::defaults::rndc: true
 
 bind::forwarders: ''
 bind::dnssec: true

manifests/init.pp

@@ -5,7 +5,6 @@ class bind (
     $dnssec                = true,
     $filter_ipv6           = false,
     $version               = '',
-    $rndc                  = undef,
     $statistics_port       = undef,
     $auth_nxdomain         = false,
     $include_default_zones = true,
@@ -43,15 +42,21 @@ class bind (
         }
     }
 
-    if $rndc {
+    # rndc only supports HMAC-MD5
-        # rndc only supports HMAC-MD5
+    bind::key { 'rndc-key':
-        bind::key { 'rndc-key':
+        algorithm   => 'hmac-md5',
-            algorithm   => 'hmac-md5',
+        secret_bits => '512',
-            secret_bits => '512',
+        keydir      => $confdir,
-            keydir      => $confdir,
+        keyfile     => 'rndc.key',
-            keyfile     => 'rndc.key',
+        include     => false,
-            include     => false,
+    }
-        }
+
+    file { '/usr/local/bin/rndc-helper':
+        ensure  => present,
+        owner   => 'root',
+        group   => 'root',
+        mode    => '0755',
+        content => template('bind/rndc-helper.erb'),
     }
 
     file { "${confdir}/zones":
@@ -77,6 +82,8 @@ class bind (
         "${confdir}/acls.conf",
         "${confdir}/keys.conf",
         "${confdir}/views.conf",
+        "${confdir}/view-mappings.txt",
+        "${confdir}/domain-mappings.txt",
         ]:
         owner   => 'root',
         group   => $bind_group,

manifests/view.pp

@@ -25,4 +25,9 @@ define bind::view (
         target  => "${::bind::confdir}/views.conf",
         content => template('bind/view.erb'),
     }
+
+    concat::fragment { "bind-view-mappings-${name}":
+        target  => "${::bind::confdir}/view-mappings.txt",
+        content => template('bind/view-mappings.erb'),
+    }
 }

manifests/zone.pp

@@ -114,8 +114,8 @@ define bind::zone (
         }
 
         if $zone_file_mode == 'managed' {
-            exec { "rndc reload ${_domain}":
+            exec { "rndc reload ${name}":
-                command     => "/usr/sbin/rndc reload ${_domain}",
+                command     => "/usr/local/bin/rndc-helper reload ${name}",
                 user        => $bind_user,
                 refreshonly => true,
                 require     => Service['bind'],
@@ -161,4 +161,8 @@ define bind::zone (
         require => Package['bind'],
     }
 
+    concat::fragment { "bind-zone-mapping-${name}":
+        target  => "${::bind::confdir}/domain-mappings.txt",
+        content => "${name}:${_domain}\n",
+    }
 }

templates/rndc-helper.erb

@@ -0,0 +1,19 @@
+#!/bin/bash
+
+CONFDIR=<%= @confdir %>
+
+function param_lookup() {
+  local zone_name="${1}"
+  local domain="$(grep "^${zone_name}:" ${CONFDIR}/domain-mappings.txt | cut -f2 -d:)"
+  grep "^${zone_name}:" ${CONFDIR}/view-mappings.txt | cut -f2 -d: | sed -e "s/\(.*\)/${domain} IN \1/"
+}
+
+zone_name="${!#}"
+
+param_lookup "${zone_name}" | while read Z; do
+  if [ $# == 1 ]; then
+    echo $Z
+  else
+    /usr/sbin/rndc "${@:1:$(($# - 1))}" $Z
+  fi
+done

templates/view-mappings.erb

@@ -0,0 +1,3 @@
+<%- @zones.each do |zone| -%>
+<%= zone %>:<%= @name %>
+<%- end -%>