From 5b1313f14b09151de05dfe4848211d37f57e8712 Mon Sep 17 00:00:00 2001 From: jamesp9 Date: Mon, 9 Nov 2015 20:46:35 +1100 Subject: [PATCH] arch: initial --- bind/config.sls | 2 + bind/files/arch/named.conf | 79 ++++++++++++++++++++++++++++++++ bind/files/arch/named.conf.local | 27 +++++++++++ bind/map.jinja | 13 ++++++ 4 files changed, 121 insertions(+) create mode 100644 bind/files/arch/named.conf create mode 100644 bind/files/arch/named.conf.local diff --git a/bind/config.sls b/bind/config.sls index 2967331..22e292f 100644 --- a/bind/config.sls +++ b/bind/config.sls @@ -67,6 +67,7 @@ bind_local_config: - watch_in: - service: bind +{% if grains['os_family'] != 'Arch' %} bind_default_config: file.managed: - name: {{ map.default_config }} @@ -77,6 +78,7 @@ bind_default_config: - mode: 644 - watch_in: - service: bind_restart +{% endif %} {% if grains['os_family'] == 'Debian' %} bind_key_config: diff --git a/bind/files/arch/named.conf b/bind/files/arch/named.conf new file mode 100644 index 0000000..214ba83 --- /dev/null +++ b/bind/files/arch/named.conf 
@@ -0,0 +1,79 @@
+// vim:set ts=4 sw=4 et:
+
+options {
+ directory "/var/named";
+ pid-file "/run/named/named.pid";
+
+ // Uncomment these to enable IPv6 connections support
+ // IPv4 will still work:
+ // listen-on-v6 { any; };
+ // Add this for no IPv4:
+ // listen-on { none; };
+
+ {#- Allow inclusion of arbitrary statements #}
+ {%- for statement, value in salt['pillar.get']('bind:config:options', {}).iteritems() -%}
+ {%- if value is iterable and value is not string %}
+ {{ statement }} {
+ {%- for item in value %}
+ {{ item }};
+ {%- endfor %}
+ };
+ {%- else %}
+ {{ statement }} {{ value }};
+ {%- endif %}
+ {%- endfor %}
+};
+
+zone "localhost" IN {
+ type master;
+ file "localhost.zone";
+};
+
+zone "0.0.127.in-addr.arpa" IN {
+ type master;
+ file "127.0.0.zone";
+};
+
+zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" {
+ type master;
+ file "localhost.ip6.zone";
+};
+
+zone "255.in-addr.arpa" IN {
+ type master;
+ file "empty.zone";
+};
+
+zone "0.in-addr.arpa" IN {
+ type master;
+ file "empty.zone";
+};
+
+zone "." IN {
+ type hint;
+ file "root.hint";
+};
+
+//zone "example.org" IN {
+// type slave;
+// file "example.zone";
+// masters {
+// 192.168.1.100;
+// };
+// allow-query { any; };
+// allow-transfer { any; };
+//};
+
+//logging {
+// channel xfer-log {
+// file "/var/log/named.log";
+// print-category yes;
+// print-severity yes;
+// severity info;
+// };
+// category xfer-in { xfer-log; };
+// category xfer-out { xfer-log; };
+// category notify { xfer-log; };
+//};
+
+include "{{ map.local_config }}";
diff --git a/bind/files/arch/named.conf.local b/bind/files/arch/named.conf.local
new file mode 100644
index 0000000..edd6e33
--- /dev/null
+++ b/bind/files/arch/named.conf.local
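Review bot: The `options` block in arch/named.conf emits only `directory` and `pid-file` on its own, so every access control (`allow-transfer`, `allow-recursion`, `allow-query`) exists only if pillar `bind:config:options` supplies it. With an empty pillar, zone transfers fall back to BIND's built-in default, which has historically been to allow any host. Seeding the loop with a restrictive default that pillar can override keeps a fresh Arch minion closed: `{%- set options = {'allow-transfer': ['none']} %}`, then `{%- do options.update(salt['pillar.get']('bind:config:options', {})) %}`, then iterate `options`; merging rather than hard-coding avoids a duplicate statement when pillar sets the same option. The commented `example.org` zone also shows `allow-transfer { any; };`, which is better replaced by a specific secondary address so it is not copied as-is. Separately, `.iteritems()` here and in named.conf.local only renders under Python 2, whereas `.items()` works on both.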
@@ -0,0 +1,27 @@
+//
+// Do any local configuration here
+//
+
+// Consider adding the 1918 zones here, if they are not used in your
+// organization
+//include "/etc/bind/zones.rfc1918";
+
+{% for key,args in salt['pillar.get']('bind:configured_zones', {}).iteritems() -%}
+{%- set file = salt['pillar.get']("bind:available_zones:" + key + ":file") %}
+{%- set masters = salt['pillar.get']("bind:available_zones:" + key + ":masters") %}
+zone "{{ key }}" {
+ type {{ args['type'] }};
+ file "{{ file }}";
+ {% if args['type'] == "master" -%}
+ {% if args['notify'] -%}
+ notify yes;
+ {% else -%}
+ notify no;
+ {%- endif -%}
+ {% else -%}
+ notify no;
+ masters { {{ masters }} };
+ {%- endif %}
+};
+{% endfor %}
+
diff --git a/bind/map.jinja b/bind/map.jinja
index 977829a..ea03d4b 100644
--- a/bind/map.jinja
+++ b/bind/map.jinja
@@ -30,6 +30,19 @@
 'group': 'named',
 'mode': '640'
 },
+ 'Arch': {
+ 'pkgs': ['bind', 'bind-tools', 'dnssec-tools'],
+ 'service': 'named',
+ 'config_source_dir': 'bind/files/arch',
+ 'zones_source_dir': 'zones',
+ 'config': '/etc/named.conf',
+ 'local_config': '/etc/named.conf.local',
+ 'named_directory': '/var/named',
+ 'log_dir': '/var/log/named',
+ 'user': 'root',
+ 'group': 'named',
+ 'mode': '640'
+ },
 }, merge=salt['grains.filter_by']({
 'Ubuntu': {
 'log_dir': '/var/log/named',
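Review bot: The outer `{% else -%}` branch in named.conf.local treats every zone whose type is not `master` as a secondary and always prints `masters { {{ masters }} };`. If `bind:available_zones:<zone>:masters` or `:file` is missing from pillar, the lookups appear to yield an empty value, so the template renders `masters {  };` or `file "";`, which named is likely to reject on reload. Guarding the branch, e.g. `{% elif args['type'] == "slave" and masters -%}`, and skipping zones that have no `file`, would catch this at render time instead of shipping a broken config. Neither branch emits a per-zone `allow-transfer`, so master zones rely entirely on the global `options` block for transfer restrictions; a one-line comment above the `zone` statement saying so would make that dependency visible.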
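Review bot: The new Arch entry in map.jinja sets `log_dir` to `/var/log/named`, but the only logging stanza in the new arch/named.conf is commented out and points at `/var/log/named.log`. Nothing in this change logs into the directory the map declares, and anyone uncommenting the example writes outside it. Pointing the example at the map value, `file "{{ map.log_dir }}/named.log";`, would keep transfer and notify records in the directory the formula manages. `'user': 'root'` with `'mode': '640'` looks intended to keep the config readable by the `named` group but not writable by the daemon. How those values apply to `named_directory` and `log_dir` is decided in config.sls, outside this hunk, so it is worth confirming the daemon account can still write secondary zone files and logs there.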