From 2cef37f747e75018b0bbf497437a63478f230116 Mon Sep 17 00:00:00 2001 From: root Date: Sun, 22 Mar 2015 22:07:22 +0100 Subject: [PATCH] Add support for views. --- README.rst | 5 +++++ bind/config.sls | 29 +++++++++++++++++++++++++ bind/files/debian/named.conf | 1 - bind/files/debian/named.conf.local | 35 +++++++++++++++++++++++++++--- pillar.example | 9 ++++++++ 5 files changed, 75 insertions(+), 4 deletions(-) diff --git a/README.rst b/README.rst index 322b3a6..3b37697 100644 --- a/README.rst +++ b/README.rst @@ -37,3 +37,8 @@ Example Pillar user: root group: named mode: 640 + +Notes +===== + +* When using views all zones must be configured in views! diff --git a/bind/config.sls b/bind/config.sls index a0cb04d..35a33f9 100644 --- a/bind/config.sls +++ b/bind/config.sls @@ -155,3 +155,32 @@ signed-{{file}}: {% endif %} {% endfor %} + +{%- for view, view_data in salt['pillar.get']('bind:configured_views', {}).iteritems() %} +{% for key,args in view_data.get('configured_zones', {}).iteritems() -%} +{%- set file = salt['pillar.get']("bind:available_zones:" + key + ":file") %} +{% if args['type'] == "master" -%} +zones-{{ file }}: + file.managed: + - name: {{ map.named_directory }}/{{ file }} + - source: 'salt://bind/zones/{{ file }}' + - user: {{ salt['pillar.get']('bind:config:user', map.user) }} + - group: {{ salt['pillar.get']('bind:config:group', map.group) }} + - mode: {{ salt['pillar.get']('bind:config:mode', '644') }} + - watch_in: + - service: bind + - require: + - file: {{ map.named_directory }} + +{% if args['dnssec'] is defined and args['dnssec'] -%} +signed-{{file}}: + cmd.run: + - cwd: {{ map.named_directory }} + - name: zonesigner -zone {{ key }} {{ file }} + - prereq: + - file: zones-{{ file }} +{% endif %} + +{% endif %} +{% endfor %} +{% endfor %} diff --git a/bind/files/debian/named.conf b/bind/files/debian/named.conf index 80f3eb5..80314b0 100644 --- a/bind/files/debian/named.conf +++ b/bind/files/debian/named.conf 
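Review bot: The state IDs `zones-{{ file }}` and `signed-{{file}}` in the new per-view loop of bind/config.sls are the same IDs the existing `bind:configured_zones` loop appears to generate (the hunk header shows `signed-{{file}}:` directly above), so a zone listed in two views, or in a view and at top level, renders the same ID twice in one SLS. Depending on the Salt version, that is either a render error or one declaration silently replacing the other, and split-horizon setups commonly serve the same zone name from several views. Emit the file and signing states once per distinct file, or make the IDs unique (for example `zones-{{ view }}-{{ file }}:` with the `prereq` updated to match). Separately, `zonesigner -zone {{ key }} {{ file }}` interpolates pillar values into a shell command unquoted; quoting both arguments keeps an unusual zone or file name from being word-split by the shell.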
@@ -9,4 +9,3 @@ include "/etc/bind/named.conf.key"; include "/etc/bind/named.conf.options"; include "/etc/bind/named.conf.local"; -include "/etc/bind/named.conf.default-zones"; diff --git a/bind/files/debian/named.conf.local b/bind/files/debian/named.conf.local index 3376cf9..53a4653 100644 --- a/bind/files/debian/named.conf.local +++ b/bind/files/debian/named.conf.local @@ -7,9 +7,7 @@ // organization //include "/etc/bind/zones.rfc1918"; -{% for key,args in salt['pillar.get']('bind:configured_zones', {}).iteritems() -%} -{%- set file = salt['pillar.get']("bind:available_zones:" + key + ":file") %} -{%- set masters = salt['pillar.get']("bind:available_zones:" + key + ":masters") %} +{%- macro zone(key, args, file, masters) %} zone "{{ key }}" { type {{ args['type'] }}; {% if args['dnssec'] is defined and args['dnssec'] -%} 
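Review bot: The new `zone` macro in named.conf.local takes `file` and `masters` as arguments, so every caller has to repeat the same two `pillar.get` lookups against `bind:available_zones` before calling it. The macro could derive both from `key` itself, e.g. `{%- macro zone(key, args) %}` followed by `{%- set file = salt['pillar.get']("bind:available_zones:" + key + ":file") %}` and the matching `masters` line. A one-line Jinja comment above the macro saying which keys it reads from `args` (`type` and `dnssec` are visible here) would also help. The macro body continues past the end of this hunk.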
@@ -31,8 +29,39 @@ zone "{{ key }}" { masters { {{ masters }} }; {%- endif %} }; +{%- endmacro %} + +{%- if not pillar.bind.configured_views is defined %} +include "/etc/bind/named.conf.default-zones"; +{%- endif %} + +{% for key,args in salt['pillar.get']('bind:configured_zones', {}).iteritems() -%} +{%- set file = salt['pillar.get']("bind:available_zones:" + key + ":file") %} +{%- set masters = salt['pillar.get']("bind:available_zones:" + key + ":masters") %} +{{ zone(key, args, file, masters) }} {% endfor %} +{% for view, view_data in salt['pillar.get']('bind:configured_views', {}).iteritems() %} + +view {{ view }}{ +{%- if view == 'default' %} + include "/etc/bind/named.conf.default-zones"; +{%- endif %} + +match-clients{ +{%- for acl in view_data.get('match_clients', {}) %} + {{ acl }}; +{%- endfor %} +}; + +{% for key,args in view_data.get('configured_zones', {}).iteritems() -%} +{%- set file = salt['pillar.get']("bind:available_zones:" + key + ":file") %} +{%- set masters = salt['pillar.get']("bind:available_zones:" + key + ":masters") %} + {{ zone(key, args, file, masters) }} +{%- endfor %} +}; +{%- endfor %} + logging { channel "querylog" { file "{{ map.log_dir }}/query.log"; print-time yes; }; category queries { querylog; }; diff --git a/pillar.example b/pillar.example index 82f4c84..7be83c6 100644 --- a/pillar.example +++ b/pillar.example @@ -29,6 +29,15 @@ bind: type: master allow-update: "key core_dhcp" notify: True + configured_views: + myview1: + match_clients: + - client1 + - client2 + configured_zones: + my.zone: + type: master + notify: False bind: available_zones:
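Review bot: Views are emitted in whatever order `.iteritems()` yields `bind:configured_views`, but BIND evaluates views in file order and answers a client from the first view whose `match-clients` matches, so the order is part of the access policy and should not depend on dict iteration. Either document in the README that pillar order is significant (and confirm the pillar mapping preserves it) or give the views an explicit ordering. A view with no `match_clients` key renders an empty `match-clients{ };`, which as far as I know matches no client at all instead of falling back to `any`, so the statement is better omitted when the list is empty. The name in `view {{ view }}{` should also be quoted the way the `zone "{{ key }}"` line is, i.e. `view "{{ view }}" {`.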