Revision e73be39b
Added by Marc Schaer over 8 years ago
manifests/init.pp | ||
---|---|---|
$localzonepath = $::dns::params::localzonepath,
|
||
$forwarders = $::dns::params::forwarders,
|
||
$listen_on_v6 = $::dns::params::listen_on_v6,
|
||
$recursion = $::dns::params::recursion,
|
||
$allow_recursion = $::dns::params::allow_recursion,
|
||
$allow_query = $::dns::params::allow_query,
|
||
$dnssec_enable = $::dns::params::dnssec_enable,
|
||
$dnssec_validation = $::dns::params::dnssec_validation,
|
||
$namedconf_template = $::dns::params::namedconf_template,
|
||
$optionsconf_template = $::dns::params::optionsconf_template,
|
||
) inherits dns::params {
|
||
validate_array($dns::forwarders)
|
||
validate_array($dns::allow_recursion)
|
||
validate_array($dns::allow_query)
|
||
validate_re($dns::recursion, '^(yes|no)$', 'Only \'yes\' and \'no\' are valid values for recursion field')
|
||
validate_re($dns::dnssec_enable, '^(yes|no)$', 'Only \'yes\' and \'no\' are valid values for dnssec_enable field')
|
||
validate_re($dns::dnssec_validation, '^(yes|no|auto)$', 'Only \'yes\', \'no\' and \'auto\' are valid values for dnssec_validation field')
|
||
|
||
class { '::dns::install': } ~>
|
||
class { '::dns::config': } ~>
|
manifests/params.pp | ||
---|---|---|
|
||
$listen_on_v6 = 'any'
|
||
|
||
$recursion = 'yes'
|
||
$allow_recursion = []
|
||
$allow_query = [ 'any' ]
|
||
|
||
$dnssec_enable = 'yes'
|
||
$dnssec_validation = 'yes'
|
||
}
|
manifests/zone.pp | ||
---|---|---|
$contact = "root.${title}.",
|
||
$zonefilepath = $::dns::zonefilepath,
|
||
$filename = "db.${title}",
|
||
$manage_file = true,
|
||
$forward = 'first',
|
||
$forwarders = [],
|
||
) {
|
||
|
||
validate_bool($reverse)
|
||
validate_array($masters, $allow_transfer)
|
||
validate_bool($reverse, $manage_file)
|
||
validate_array($masters, $allow_transfer, $forwarders)
|
||
validate_re($forward, '^(first|only)$', 'Only \'first\' or \'only\' are valid values for forward field')
|
||
|
||
$zonefilename = "${zonefilepath}/${filename}"
|
||
|
||
... | ... | |
order => "10-${zone}",
|
||
}
|
||
|
||
file { $zonefilename:
|
||
ensure => file,
|
||
owner => $dns::user,
|
||
group => $dns::group,
|
||
mode => '0644',
|
||
content => template('dns/zone.header.erb'),
|
||
replace => false,
|
||
notify => Service[$::dns::namedservicename],
|
||
if $manage_file {
|
||
file { $zonefilename:
|
||
ensure => file,
|
||
owner => $dns::user,
|
||
group => $dns::group,
|
||
mode => '0644',
|
||
content => template('dns/zone.header.erb'),
|
||
replace => false,
|
||
notify => Service[$::dns::namedservicename],
|
||
}
|
||
}
|
||
}
|
templates/named.zone.erb | ||
---|---|---|
zone "<%= @zone %>" {
|
||
type <%= @zonetype %>;
|
||
<% if @zonetype == 'forward' -%>
|
||
forward <%= @forward %>;
|
||
<% end -%>
|
||
<% if @manage_file == true -%>
|
||
file "<%= @zonefilename %>";
|
||
<% end -%>
|
||
<% if @zonetype == 'master' -%>
|
||
update-policy {
|
||
grant rndc-key zonesub ANY;
|
||
... | ... | |
<% unless @masters.empty? -%>
|
||
masters { <%= @masters.join('; ') %>; };
|
||
<% end -%>
|
||
<% unless @forwarders.empty? -%>
|
||
forwarders { <%= @forwarders.join('; ') %>; };
|
||
<% end -%>
|
||
};
|
templates/options.conf.erb | ||
---|---|---|
forwarders { <%= scope.lookupvar('::dns::forwarders').join("; ") %>; };
|
||
<% end -%>
|
||
|
||
recursion <%= scope.lookupvar('::dns::recursion') %>;
|
||
allow-query { <%= scope.lookupvar('::dns::allow_query').join("; ") %>; };
|
||
dnssec-enable <%= scope.lookupvar('::dns::dnssec_enable') %>;
|
||
dnssec-validation <%= scope.lookupvar('::dns::dnssec_validation') %>;
|
||
|
||
listen-on-v6 { <%= scope.lookupvar('::dns::listen_on_v6') %>; };
|
||
|
||
<% unless scope.lookupvar('::dns::allow_recursion').empty? -%>
|
Also available in: Unified diff
Added options possibilities