puppet-dns/manifests/config.pp at e2b80c119e8c4a5cc21dcf85836c23bab110ebda · ikonia/puppet-dns · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
# Configure dns
# @api private
class dns::config {
  if $dns::config_check {
    $validate_cmd = "${dns::named_checkconf} %"
  } else {
    $validate_cmd = undef
  }

  concat { $dns::publicviewpath:
    owner        => root,
    group        => $dns::params::group,
    mode         => '0640',
    validate_cmd => $validate_cmd,
  }

  if $dns::enable_views {
    file { $dns::viewconfigpath:
      ensure => directory,
      owner  => root,
      group  => $dns::params::group,
      mode   => '0755',
    }
  }

  concat::fragment { 'dns_zones+01-header.dns':
    target  => $dns::publicviewpath,
    content => ' ',
    order   => '01',
  }

  concat { $dns::namedconf_path:
    owner        => 'root',
    group        => $dns::params::group,
    mode         => '0640',
    require      => Concat[$dns::optionspath],
    validate_cmd => $validate_cmd,
  }

  # This file cannot be checked by named-checkconf because its content is only
  # valid inside an "options { };" directive.
  concat { $dns::optionspath:
    owner => 'root',
    group => $dns::params::group,
    mode  => '0640',
  }

  concat::fragment { 'named.conf+10-main.dns':
    target  => $dns::namedconf_path,
    content => template($dns::namedconf_template),
    order   => '10',
  }

  concat::fragment { 'options.conf+10-main.dns':
    target  => $dns::optionspath,
    content => epp($dns::optionsconf_template),
    order   => '10',
  }

  file { $dns::zonefilepath:
    ensure => directory,
    owner  => $dns::params::user,
    group  => $dns::params::group,
    mode   => '0640',
  }

  exec { 'create-rndc.key':
    command => "${dns::rndcconfgen} -a -c ${dns::rndckeypath}",
    creates => $dns::rndckeypath,
  }
  -> file { $dns::rndckeypath:
    owner => 'root',
    group => $dns::params::group,
    mode  => '0640',
  }

  # Only Debian and RedHat OS provide a sysconfig or default file where we can
  # set startup options and other environment settings for named. In FreeBSD
  # such settings must be set in the global, common /etc/rc.conf file and under
  # ArchLinux we must use systemd override files to change the startup
  # commandline. These cases are outside of this module's scope.
  if $facts['os']['family'] in ['Debian', 'RedHat'] {
    file { $dns::sysconfig_file:
      owner   => 'root',
      group   => 'root',
      mode    => '0644',
      content => template($dns::sysconfig_template),
    }
  }
}