Puppet Class: bind

Inherits:
bind::defaults
Defined in:
manifests/init.pp

Overview

Parameters:

  • forwarders (Any) (defaults to: undef)
  • forward (Any) (defaults to: undef)
  • dnssec (Any) (defaults to: undef)
  • filter_ipv6 (Any) (defaults to: undef)
  • version (Any) (defaults to: undef)
  • statistics_port (Any) (defaults to: undef)
  • auth_nxdomain (Any) (defaults to: undef)
  • include_default_zones (Any) (defaults to: true)
  • include_local (Any) (defaults to: false) 


3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
 
# File 'manifests/init.pp', line 3

class bind (
    $forwarders            = undef,
    $forward               = undef,
    $dnssec                = undef,
    $filter_ipv6           = undef,
    $version               = undef,
    $statistics_port       = undef,
    $auth_nxdomain         = undef,
    $include_default_zones = true,
    $include_local         = false,
) inherits bind::defaults {

    File {
        ensure  => present,
        owner   => 'root',
        group   => $bind_group,
        mode    => '0644',
        require => Package['bind'],
        notify  => Service['bind'],
    }

    include ::bind::updater

    package { 'bind':
        ensure => latest,
        name   => $bind_package,
    }

    if $dnssec {
        file { '/usr/local/bin/dnssec-init':
            ensure => present,
            owner  => 'root',
            group  => 'root',
            mode   => '0755',
            source => 'puppet:///modules/bind/dnssec-init',
        }
    }

    # rndc only supports HMAC-MD5
    bind::key { 'rndc-key':
        algorithm   => 'hmac-md5',
        secret_bits => '512',
        keydir      => $confdir,
        keyfile     => 'rndc.key',
        include     => false,
    }

    file { '/usr/local/bin/rndc-helper':
        ensure  => present,
        owner   => 'root',
        group   => 'root',
        mode    => '0755',
        content => template('bind/rndc-helper.erb'),
    }

    file { "${confdir}/zones":
        ensure  => directory,
        mode    => '2755',
    }

    file { $namedconf:
        content => template('bind/named.conf.erb'),
    }

    if $include_default_zones and $default_zones_source {
        file { $default_zones_include:
            source => $default_zones_source,
        }
    }

    class { 'bind::keydir':
        keydir => "${confdir}/keys",
    }

    concat { [
        "${confdir}/acls.conf",
        "${confdir}/keys.conf",
        "${confdir}/views.conf",
        "${confdir}/servers.conf",
        "${confdir}/logging.conf",
        "${confdir}/view-mappings.txt",
        "${confdir}/domain-mappings.txt",
        ]:
        owner   => 'root',
        group   => $bind_group,
        mode    => '0644',
        warn    => true,
        require => Package['bind'],
        notify  => Service['bind'],
    }

    concat::fragment { 'bind-logging-header':
        order   => "00-header",
        target  => "${confdir}/logging.conf",
        content => "logging {\n";
    }

    concat::fragment { 'bind-logging-footer':
        order   => "99-footer",
        target  => "${confdir}/logging.conf",
        content => "};\n";
    }

    service { 'bind':
        ensure     => running,
        name       => $bind_service,
        enable     => true,
        hasrestart => true,
        hasstatus  => true,
    }
}