Puppet Class: bind

Defined in:
manifests/init.pp

Summary

Manages the BIND domain name server and DNS zones

Overview

Examples:

Caching nameserver with default configuration

include bind

Parameters:

  • authoritative (Boolean) (defaults to: false)

    Whether to enable features needed for authoritative server operation.

  • config_dir (Stdlib::Absolutepath) (defaults to: '/etc/bind')

    Directory for BIND configuration files.

  • default_options (Bind::Options) (defaults to: { 'directory' => '/var/cache/bind', })

    Default BIND [options](bind9.readthedocs.io/en/latest/reference.html#options-statement-grammar) loaded from Hiera data in this module’s ‘data` directory. Merged with, and overridden by, the `options` parameter. You’ll generally want to use the ‘options` parameter and leave `default_options` alone.

  • default_zones (Boolean) (defaults to: true)

    Whether to include the default zones in the BIND configuration.

  • dev_packages (Array[String[1]]) (defaults to: ['bind9-dev'])

    List of BIND development packages.

  • doc_packages (Array[String[1]]) (defaults to: ['bind9-doc'])

    List of BIND documentation packages.

  • utils_packages (Array[String[1]]) (defaults to: ['bind9-dnsutils'])

    List of BIND utilities packages.

  • includes (Optional[Variant[Array[Bind::Include], Bind::Include]]) (defaults to: undef)

    Additional configuration files to include in the BIND configuration using the [include](bind9.readthedocs.io/en/latest/reference.html#include-statement-grammar) statement.

  • dev_packages_ensure (Optional[String[1]]) (defaults to: undef)

    The ‘ensure` value for the BIND development packages (libraries and header files).

  • doc_packages_ensure (Optional[String[1]]) (defaults to: undef)

    The ‘ensure` value for the BIND documentation packages.

  • utils_packages_ensure (String[1]) (defaults to: 'installed')

    The ‘ensure` value for the BIND utilities packages.

  • logging (Optional[Bind::Logging]) (defaults to: undef)

    Configuration of the [logging statement](bind9.readthedocs.io/en/latest/reference.html#logging-statement-grammar).

  • options (Optional[Bind::Options]) (defaults to: undef)

    Configuration of the [options statement](bind9.readthedocs.io/en/latest/reference.html#options-statement-grammar). Merged with, and overrides, the ‘default_options` parameter.

  • package_manage (Boolean) (defaults to: true)

    Whether to have this module manage the BIND package.

  • service_manage (Boolean) (defaults to: true)

    Whether to have this module manage the BIND service.

  • package_backport (Boolean) (defaults to: false)

    Whether to install the BIND package from Debian backports.

  • package_name (String[1]) (defaults to: 'bind9')

    The name of the BIND package.

  • package_ensure (String[1]) (defaults to: installed)

    The ‘ensure` parameter for the BIND package.

  • resolvconf_package_name (String[1]) (defaults to: 'openresolv')

    The name of the resolvconf package to use if ‘resolvconf_service_enable` is `true`.

  • resolvconf_service_enable (Boolean) (defaults to: false)

    Whether to enable the named-resolvconf service so that localhost’s BIND resolver is used in ‘/etc/resolv.conf`.

  • root_hint_zone (Boolean) (defaults to: true)

    Whether to include the root zone “.” in the BIND configuration with [type ‘hint`](bind9.readthedocs.io/en/latest/reference.html#zone-types).

  • service_config_file (Stdlib::Absolutepath) (defaults to: extlib::path_join([$config_dir, 'named.conf']))

    The path to the BIND config file.

  • service_enable (Variant[Boolean, String[1]]) (defaults to: true)

    The ‘enable` parameter for the BIND service.

  • service_ensure (Stdlib::Ensure::Service) (defaults to: running)

    The ‘ensure` parameter for the BIND service.

  • service_group (String[1]) (defaults to: $service_user)

    The primary group of ‘$service_user`. Used for directory permissions.

  • service_name (String[1]) (defaults to: 'named')

    The name of the BIND service.

  • service_user (String[1]) (defaults to: 'bind')

    The user to run BIND as (for the ‘-u` command line option).

  • service_options (Optional[String[1]]) (defaults to: undef)

    [Command line options](bind9.readthedocs.io/en/latest/manpages.html#named-internet-domain-name-server) for the BIND service.

  • zones (Hash) (defaults to: {})

    Hash for creating Bind::Zone resources.

  • zone_default_expire (String[1]) (defaults to: '1000h')

    The default SOA expire time, set per a [RIPE recommendation](www.ripe.net/publications/docs/ripe-203) (same as with all of the default time values). Can be overridden by individual zones by providing a SOA record in the zone’s hash of the ‘$zones` parameter. Reference: [RFC 1035](tools.ietf.org/html/rfc1035#section-3.3.13)

  • zone_default_mname (String[1]) (defaults to: $facts['networking']['hostname'])

    The default SOA MNAME. That is, the domain name of the primary name server for the zone. Can be overridden by individual zones by providing a SOA record in the zone’s hash of the ‘$zones` parameter. Reference: [RFC 1035](tools.ietf.org/html/rfc1035#section-3.3.13)

  • zone_default_negative_caching_ttl (String[1]) (defaults to: '1h')

    The default negative caching TTL, the last field of the SOA record. Can be overridden by individual zones by providing a SOA record in the zone’s hash of the ‘$zones` parameter. Reference: [RFC 2308](tools.ietf.org/html/rfc2308)

  • zone_default_refresh (String[1]) (defaults to: '24h')

    The default SOA refresh time. Can be overridden by individual zones by providing a SOA record in the zone’s hash of the ‘$zones` parameter. Reference: [RFC 1035](tools.ietf.org/html/rfc1035#section-3.3.13)

  • zone_default_retry (String[1]) (defaults to: '2h')

    The default SOA retry time. Can be overridden by individual zones by providing a SOA record in the zone’s hash of the ‘$zones` parameter. Reference: [RFC 1035](tools.ietf.org/html/rfc1035#section-3.3.13)

  • zone_default_rname (String[1]) (defaults to: 'hostmaster')

    The default SOA RNAME. That is, the domain name-formatted email address of the person responsible for the zone. Can be overridden by individual zones by providing a SOA record in the zone’s hash of the ‘$zones` parameter. Reference: [RFC 1035](tools.ietf.org/html/rfc1035#section-3.3.13)

  • zone_default_serial (Integer[0]) (defaults to: 1)

    The default initial serial number for the zone. Can be overridden by individual zones by providing a SOA record in the zone’s hash of the ‘$zones` parameter.

  • zone_default_ttl (String[1]) (defaults to: '2d')

    The default zone-wide TTL. This value is used in the zone’s ‘$TTL` directive at the start of the zone. Individual zones can override this default with the `ttl` key in their configuration hashes in the `$zones` parameter. Also, individual resource records can override this value with the `ttl` key in their hashes. Reference: [RFC 2308](tools.ietf.org/html/rfc2308#section-4)

  • keys (Hash) (defaults to: {})

    Hash for creating Bind::Key resources.



154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
 
# File 'manifests/init.pp', line 154

class bind (
  Boolean $authoritative = false,
  Stdlib::Absolutepath $config_dir = '/etc/bind',
  Bind::Options $default_options = {
    'directory' => '/var/cache/bind',
  },
  Boolean $default_zones = true,
  Array[String[1]] $dev_packages = ['bind9-dev'],
  Array[String[1]] $doc_packages = ['bind9-doc'],
  Optional[Variant[Array[Bind::Include], Bind::Include]] $includes = undef,
  Optional[String[1]] $dev_packages_ensure = undef,
  Optional[String[1]] $doc_packages_ensure = undef,
  String[1] $utils_packages_ensure = 'installed',
  Optional[Bind::Logging] $logging = undef,
  Optional[Bind::Options] $options = undef,
  Boolean $package_backport = false,
  String[1] $package_ensure = installed,
  Boolean $package_manage = true,
  String[1] $package_name = 'bind9',
  String[1] $resolvconf_package_name = 'openresolv',
  Boolean $resolvconf_service_enable = false,
  Boolean $root_hint_zone = true,
  Stdlib::Absolutepath $service_config_file = extlib::path_join([$config_dir, 'named.conf']),
  Variant[Boolean, String[1]] $service_enable = true,
  Stdlib::Ensure::Service $service_ensure = running,
  Boolean $service_manage = true,
  String[1] $service_name = 'named',
  Optional[String[1]] $service_options = undef,
  String[1] $service_user = 'bind',
  String[1] $service_group = $service_user,
  Array[String[1]] $utils_packages = ['bind9-dnsutils'],
  Hash $zones = {},
  String[1] $zone_default_expire = '1000h',
  String[1] $zone_default_mname = $facts['networking']['hostname'],
  String[1] $zone_default_negative_caching_ttl = '1h',
  String[1] $zone_default_refresh = '24h',
  String[1] $zone_default_retry = '2h',
  String[1] $zone_default_rname = 'hostmaster',
  Integer[0] $zone_default_serial = 1,
  String[1] $zone_default_ttl = '2d',
  Hash $keys = {},
) {
  contain bind::install
  contain bind::config
  contain bind::service

  Class['bind::install']
  -> Class['bind::config']
  ~> Class['bind::service']
}