Puppet Class: named::non_chroot

Defined in:
manifests/non_chroot.pp

Summary

Configures named for execution on a system taking selinux into account.

Overview

It pulls all config files from rsync.

It is meant to be called from named directly.

Parameters:

  • bind_dns_rsync (String) (defaults to: $named::bind_dns_rsync)

    The target under # /var/simp/environments/environment/rsync/os/maj_version/bind_dns from which to fetch all BIND DNS content.

  • rsync_source (String) (defaults to: "bind_dns_${named::bind_dns_rsync}_${environment}_${facts['os']['name']}_${facts['os']['release']['major']}/named")

    The source from which the module will pull its files on the rsync server

  • rsync_server (String) (defaults to: $named::rsync_server)

    The rsync server from which to pull the named configuration.

  • rsync_timeout (Variant[ Integer[0], Pattern[/\A\d+\z/] ]) (defaults to: $named::rsync_timeout)

    The timeout when connecting to the rsync server.

Author:



23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
 
# File 'manifests/non_chroot.pp', line 23

class named::non_chroot (
  String               $bind_dns_rsync = $named::bind_dns_rsync,
  String               $rsync_source   = "bind_dns_${named::bind_dns_rsync}_${environment}_${facts['os']['name']}_${facts['os']['release']['major']}/named",
  String               $rsync_server   = $named::rsync_server,
  Variant[
    Integer[0],
    Pattern[/\A\d+\z/]
  ]                    $rsync_timeout  = $named::rsync_timeout,
) {
  assert_private()

  include 'rsync'

  $_rsync_user = "bind_dns_${named::bind_dns_rsync}_rsync_${server_facts['environment']}_${facts['os']['name']}_${facts['os']['release']['major']}"

  simplib::validate_net_list($rsync_server)

  file { '/etc/named.conf':
    ensure  => 'file',
    owner   => 'root',
    group   => 'named',
    mode    => '0640',
    notify  => Rsync['named_etc'],
    require => Package['bind']
  }

  rsync { 'named':
    user     => $_rsync_user,
    password => simplib::passgen($_rsync_user),
    source   => "${rsync_source}/var/named",
    target   => '/var',
    server   => $rsync_server,
    timeout  => $rsync_timeout,
    notify   => Class['named::service']
  }

  rsync { 'named_etc':
    user     => $_rsync_user,
    password => simplib::passgen($_rsync_user),
    source   => "${rsync_source}/etc/*",
    target   => '/etc',
    server   => $rsync_server,
    timeout  => $rsync_timeout,
    notify   => Class['named::service']
  }
}