unkinben/puppet-bind
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
383 Commits 1 Branch 1 Tag 366 KiB
5870f37f27
Commit Graph

90 Commits

Author SHA1 Message Date
Nate Riffe
01cb48191e Generate an rndc key, let BIND rest on defaults 
In the absence of any 'controls' configuration, BIND uses the rndc.key file
containing a key named rndc-key for rndc by default. In this mode, there is
also no need for any explicit settings in rndc.conf.
 2015-01-18 10:31:12 -06:00
Nate Riffe
9b1cbacee0 Give bind::key the ability to generate keys 
Also, allow them to be placed elsewhere in the filesystem and make it possible
to exclude a key from the named configuration.
 2015-01-18 10:11:24 -06:00
Tilo Klausing
0ebec14102 added support for view directive "match-recursive-only" 
allows for dedicated views separating resolver and authorative functions
within the same server
 2015-01-12 15:44:33 +01:00
Nate Riffe
8c250445f0 Terminate the line 2015-01-08 09:08:21 -06:00
Nate Riffe
61adcc07c4 Add support for transfer-source 2015-01-08 08:17:01 -06:00
Nate Riffe
e365f5e49a Distinguish view access from recursion access 
Make recursion_match_clients and recursion_match_destinations mirroring the
existing match_clients and match_destinations in order to distinguish recursion
access as a proper subset of view access.
 2014-11-28 19:02:23 -06:00
Brian Muita
658a2cdb9b Added the allow-recursion statement for when recursion enabled in a view. 
Unless specified, this defaults to "localnets, localhost only" yet the
intention of specifying a match-clients and recursion is to allow recursive
queries from the given address not just localnets. This change adds the
specified match-clients under allow-recursion.

If match-destination is specified instead, then allow-recusion-on is
set for those interfaces.
 2014-11-27 18:39:02 +03:00
Nate Riffe
a66b985adb Fix up bind::updater and support rndc 
I thought I fixed rndc a while ago... not quite. Do it now. Make bind::updater
actually work (incomplete last time)
 2014-06-27 14:43:46 -05:00
Nate Riffe
97a8bf0196 key_directory condition got flipped, semantically 2013-08-08 08:19:53 -05:00
Nate Riffe
a930f53a4a Handle array values idiomatically 2013-08-08 07:40:00 -05:00
Nate Riffe
d044268f07 A bit overzealous on that last fix 2013-07-07 20:16:02 -05:00
Nate Riffe
05097dcd05 Access class variables the new way 
Recent puppets demand that puppet class variables be qualified as instance
members when accessed from within a template.
 2013-06-30 09:04:37 -05:00
Nate Riffe
9d0f03b5f6 Support alternate key directories 2012-10-06 22:29:54 -05:00
Nate Riffe
42a5e99f87 Make manual configuration possible 2012-10-06 16:40:59 -05:00
Nate Riffe
474b6f6967 Put notification stuff are zonefile related and interfere with forward zones 2012-10-06 15:51:05 -05:00
Nate Riffe
26b43b3169 Support forward zones 2012-10-06 15:10:46 -05:00
Nate Riffe
fe1ceca8fd Allow override of BIND's version string 2012-10-06 10:50:02 -05:00
Nate Riffe
28225f59e9 Add support for zone notification options 2012-10-04 19:04:21 -05:00
Nate Riffe
f30747d10b Add support for DNSSEC signed zones (breaking) 
This adds a 'dnssec' parameter to the bind::zone define which causes the module
to generate keys and sign the zone.  Some caveats and breaking changes:

1) Existing non-signed zones will have to be manually moved and signed
2) Signed zones are treated as dynamic
 2012-10-04 14:20:15 -05:00
Nate Riffe
64f10b4774 Get file and concat dependencies in order 2012-09-25 23:01:23 -05:00
Nate Riffe
699af3527a Enable DNSSEC validation in the resolver by default 2012-09-14 07:33:45 -05:00
Nate Riffe
db236c58a6 Don't quote keystuff, it breaks it 2012-09-05 00:32:36 -05:00
Nate Riffe
a62f9dd107 named.conf is not a concat, make one for keys 2012-09-04 23:53:04 -05:00
Nate Riffe
4e74ffe8a9 Fix typo and rename template 2012-09-04 23:48:56 -05:00
Nate Riffe
107fe10194 Add keys 2012-09-04 23:45:28 -05:00
Nate Riffe
6ac1a1cefa Avoid naming collision 2012-09-04 12:39:35 -05:00
Nate Riffe
e5cac24358 Fix syntax in named.conf 2012-09-04 12:36:40 -05:00
Nate Riffe
d8b9fe2e8e Fix syntax 2012-09-04 12:32:11 -05:00
Nate Riffe
d189c62002 Enable configuration of some options 2012-09-04 12:12:30 -05:00
Nate Riffe
63b3c4037b Add a zone definition 2012-09-04 07:24:31 -05:00
Nate Riffe
6800ca9ebc Include default zones regardless of recursion 2012-09-03 23:18:31 -05:00
Nate Riffe
0a383a49fe Adjust indentation 2012-09-03 23:12:55 -05:00
Nate Riffe
2ea577f97b Move default zones into the view when recursion is enabled 2012-09-03 23:10:29 -05:00
Nate Riffe
2d1d6d826d Get debian's default zones accounted for 2012-09-03 23:05:12 -05:00
Nate Riffe
f23bf1e1b4 Put semicolons where needed in view.erb 2012-09-03 22:09:29 -05:00
Nate Riffe
ec56b2e376 Adjust spacing 2012-09-03 22:01:35 -05:00
Nate Riffe
594d850cb2 Add templates for named.conf and for view fragments 2012-09-03 21:52:38 -05:00
Nate Riffe
f09ca602b0 Hide the blank lines 2012-09-03 19:37:02 -05:00
Nate Riffe
2a567bc09a Fix template syntax 2012-09-03 18:45:06 -05:00
Nate Riffe
259e37c795 Add acls 2012-09-03 18:24:06 -05:00