From 33c34d928dd4f1013e53456db01fd654888688bc Mon Sep 17 00:00:00 2001
From: crux-capacitor <crux-capacitor@users.noreply.github.com>
Date: Thu, 15 Nov 2018 16:00:22 -0500
Subject: [PATCH] Revert back

Made a bad commit.
---
 bind/config.sls | 165 +++++++++++++++++++++++++++---------------------
 1 file changed, 93 insertions(+), 72 deletions(-)

diff --git a/bind/config.sls b/bind/config.sls
index 5bbea61..1394904 100644
--- a/bind/config.sls
+++ b/bind/config.sls
@@ -1,5 +1,5 @@
-{% from salt.file.join(tpldir, "map.jinja") import map with context %}
-{% from salt.file.join(tpldir, "reverse_zone.jinja") import generate_reverse %}
+{% from "bind/map.jinja" import map with context %}
+{% from "bind/reverse_zone.jinja" import generate_reverse %}
 
 {%- set key_directory = salt['pillar.get']('bind:lookup:key_directory', map.key_directory) %}
 {%- set key_algorithm = salt['pillar.get']('bind:lookup:key_algorithm', map.key_algorithm) %}
@@ -14,16 +14,8 @@
 {%- endif %}
 
 include:
-  - formula.bind
+  - bind
 
-########################################
-##
-## Create the BIND config
-## Commands are numbered only for easy reference - they are not executed in order!
-##
-########################################
-
-# 1. Create log directory (/var/log/named). Configured in map.jinja.
 {{ map.chroot_dir }}{{ map.log_dir }}:
   file.directory:
     - user: root
@@ -32,7 +24,6 @@ include:
     - require:
       - pkg: bind
 
-# 2. Trigger restarts via watches on /var/log/named/query.log and bind_key_directory
 bind_restart:
   service.running:
     - name: {{ map.service }}
@@ -41,8 +32,6 @@ bind_restart:
       - file: {{ map.chroot_dir }}{{ map.log_dir }}/query.log
       - file: bind_key_directory
 
-# 3. Place /var/log/named/query.log (unless it exists already)
-# Require creation of the directory in command 1.
 {{ map.chroot_dir }}{{ map.log_dir }}/query.log:
   file.managed:
     - replace: False
@@ -52,8 +41,6 @@ bind_restart:
     - require:
       - file: {{ map.chroot_dir }}{{ map.log_dir }}
 
-# 4. Create /var/named directory. Configured in map.jinja.
-# Require bind pkg.installed (via the include at the top).
 named_directory:
   file.directory:
     - name: {{ map.named_directory }}
@@ -64,8 +51,6 @@ named_directory:
     - require:
       - pkg: bind
 
-# 5. Create a zones directory. Configured in map.jinja.
-# WE DON'T DO THIS.
 {% if map.get('zones_directory') %}
 bind_zones_directory:
   file.directory:
@@ -79,14 +64,6 @@ bind_zones_directory:
       - file: named_directory
 {% endif %}
 
-# 6. Create the bind config file /etc/named.conf
-# Uses salt://formula/bind/files/redhat/named.conf as the source template.
-# Uses jinja to template it, and passes the entire map dictionary as context.
-# View the context with: 
-#     salt -G role:dns state.show_sls formula.bind.config and look for the 'bind_config' ID.
-# Requires bind pkg.installed (via include at the top).
-# Triggers bind service reloads via the watch_in.
-# Adds an include declaration for the file created in command 7.
 bind_config:
   file.managed:
     - name: {{ map.config }}
@@ -106,16 +83,10 @@ bind_config:
     - watch_in:
       - service: bind
 
-# 7. Create /etc/named.conf.local. Configured in map.jinja
-# Works much the same as command 6.
-# Also passes zones_directory, which we don't have defined explicity, and gets set to 
-# map.named_directory (/var/named).
-# Requires bind pkg.installed (via include at the top) and query.log file.
-# Triggers bind service reloads via the watch_in. 
 bind_local_config:
   file.managed:
     - name: {{ map.local_config }}
-    - source: salt://formula/bind/files/named.conf.local.jinja
+    - source: salt://bind/files/named.conf.local.jinja
     - template: jinja
     - user: {{ salt['pillar.get']('bind:config:user', map.user) }}
     - group: {{ salt['pillar.get']('bind:config:group', map.group) }}
@@ -129,9 +100,6 @@ bind_local_config:
     - watch_in:
       - service: bind
 
-# 8. Create default config /etc/sysconfig/named
-# Pass map as jinja context.
-# Trigger bind service restarts via the watch_in.
 {% if grains['os_family'] not in ['Arch', 'FreeBSD']  %}
 bind_default_config:
   file.managed:
@@ -147,12 +115,64 @@ bind_default_config:
       - service: bind_restart
 {% endif %}
 
-# 9. Set up extensive logging - configured in bind pillar.
+{% if grains['os_family'] == 'Debian' %}
+bind_key_config:
+  file.managed:
+    - name: {{ map.key_config }}
+    - source: 'salt://{{ map.config_source_dir }}/named.conf.key'
+    - template: jinja
+    - user: {{ salt['pillar.get']('bind:config:user', map.user) }}
+    - group: {{ salt['pillar.get']('bind:config:group', map.group) }}
+    - mode: {{ salt['pillar.get']('bind:config:mode', '640') }}
+    - require:
+      - pkg: bind
+    - watch_in:
+      - service: bind
+
+bind_options_config:
+  file.managed:
+    - name: {{ map.options_config }}
+    - source: 'salt://{{ map.config_source_dir }}/named.conf.options'
+    - template: jinja
+    - user: {{ salt['pillar.get']('bind:config:user', map.user) }}
+    - group: {{ salt['pillar.get']('bind:config:group', map.group) }}
+    - mode: {{ salt['pillar.get']('bind:config:mode', '644') }}
+    - context:
+        key_directory: {{ map.key_directory }}
+        named_directory: {{ map.named_directory }}
+        zones_directory: {{ zones_directory }}
+    - require:
+      - pkg: bind
+    - watch_in:
+      - service: bind
+
+bind_default_zones:
+  file.managed:
+    - name: {{ map.default_zones_config }}
+    - source: 'salt://{{ map.config_source_dir }}/named.conf.default-zones'
+    - template: jinja
+    - user: {{ salt['pillar.get']('bind:config:user', map.user) }}
+    - group: {{ salt['pillar.get']('bind:config:group', map.group) }}
+    - mode: {{ salt['pillar.get']('bind:config:mode', '644') }}
+    - require:
+      - pkg: bind
+    - watch_in:
+      - service: bind
+
+/etc/logrotate.d/{{ map.service }}:
+  file.managed:
+    - source: salt://{{ map.config_source_dir }}/logrotate_bind
+    - template: jinja
+    - user: root
+    - group: root
+    - context:
+        map: {{ map }}
+
 {%- if salt['pillar.get']('bind:config:use_extensive_logging', False) %}
 bind_logging_config:
   file.managed:
     - name: {{ map.logging_config }}
-    - source: salt://formula/bind/files/named.conf.logging.jinja
+    - source: salt://bind/files/named.conf.logging.jinja
     - template: jinja
     - user: {{ salt['pillar.get']('bind:config:user', map.user) }}
     - group: {{ salt['pillar.get']('bind:config:group', map.group) }}
@@ -163,44 +183,51 @@ bind_logging_config:
       - pkg: bind
     - watch_in:
       - service: bind
-    - makedirs: True
 {%- endif %}
+{%- if salt['pillar.get']('bind:rndc_client', False) %}
+bind_rndc_client_config:
+  file.managed:
+    - name: {{ map.rndc_client_config }}
+    - source: salt://{{ map.config_source_dir }}/rndc.conf
+    - template: jinja
+    - user: {{ salt['pillar.get']('bind:config:user', map.user) }}
+    - group: {{ salt['pillar.get']('bind:config:group', map.group) }}
+    - mode: {{ salt['pillar.get']('bind:config:mode', '640') }}
+    - context:
+        map: {{ map }}
+    - require:
+      - pkg: bind
+{%- endif %}
+{% endif %}
 
-# 10. Many nested loops and if-blocks setting up the zone files and views.
-# This creates the zone files for the zones set up in available_zones and configured_zones (configured in the zones pillar).
 {%- set views = {False: salt['pillar.get']('bind', {})} %}{# process non-view zones in the same loop #}
 {%- do views.update(salt['pillar.get']('bind:configured_views', {})) %}
 {%- for view, view_data in views|dictsort %}
-{%-   set dash_view = '-' + view if view else '' %}
-{%    for zone, zone_data in view_data.get('configured_zones', {})|dictsort -%}
-{%-     if 'file' in zone_data %}
-{%-       set file = zone_data.file %}
-{%-       set zone = zone|replace(".txt", "") %}
-{%-     else %}
-{%-       set file = salt['pillar.get']("bind:available_zones:" + zone + ":file", false) %}
-{%-     endif %}
-{%-     set zone_records = salt['pillar.get']('bind:available_zones:' + zone + ':records', {}) %}
-{%-     if salt['pillar.get']('bind:available_zones:' + zone + ':generate_reverse') %}
-{%-       do generate_reverse(zone_records, salt['pillar.get']('bind:available_zones:' + zone + ':generate_reverse:net'), salt['pillar.get']('bind:available_zones:' + zone + ':generate_reverse:for_zones'), salt['pillar.get']('bind:available_zones', {})) %}
-{%-     endif %}
+{%- set dash_view = '-' + view if view else '' %}
+{% for zone, zone_data in view_data.get('configured_zones', {})|dictsort -%}
+{%- set file = salt['pillar.get']("bind:available_zones:" + zone + ":file", false) %}
+{%- set zone_records = salt['pillar.get']('bind:available_zones:' + zone + ':records', {}) %}
+{%- if salt['pillar.get']('bind:available_zones:' + zone + ':generate_reverse') %}
+{%-   do generate_reverse(zone_records, salt['pillar.get']('bind:available_zones:' + zone + ':generate_reverse:net'), salt['pillar.get']('bind:available_zones:' + zone + ':generate_reverse:for_zones'), salt['pillar.get']('bind:available_zones', {})) %}
+{%- endif %}
 {# If we define RRs in pillar, we use the internal template to generate the zone file
    otherwise, we fallback to the old behaviour and use the declared file
 #}
-{%-     set zone_source = 'salt://formula/bind/files/zone.jinja' if zone_records != {} else 'salt://' ~ map.zones_source_dir ~ '/' ~ file %}
-{%-     set serial_auto = salt['pillar.get']('bind:available_zones:' + zone + ':soa:serial', '') == 'auto' %}
-{%      if file and zone_data['type'] == 'master' -%}
+{%- set zone_source = 'salt://bind/files/zone.jinja' if zone_records != {} else 'salt://' ~ map.zones_source_dir ~ '/' ~ file %}
+{%- set serial_auto = salt['pillar.get']('bind:available_zones:' + zone + ':soa:serial', '') == 'auto' %}
+{% if file and zone_data['type'] == 'master' -%}
 zones{{ dash_view }}-{{ zone }}{{ '.include' if serial_auto else ''}}:
   file.managed:
-    - name: {{ zones_directory }}/{{ file }}{{ '.include' if serial_auto else '' }}
+    - name: {{ zones_directory }}/{{ file }}{{ '.include' if serial_auto else ''}}
     - source: {{ zone_source }}
     - template: jinja
-    {%   if zone_records != {} %}
+    {% if zone_records != {} %}
     - context:
-        zone: zones{{ dash_view }}-{{ zone }}
-        soa: {{ salt['pillar.get']("bind:available_zones:" + zone + ":soa") }}
-        records: {{ zone_records }}
-        include: False
-    {%   endif %}
+      zone: zones{{ dash_view }}-{{ zone }}
+      soa: {{ salt['pillar.get']("bind:available_zones:" + zone + ":soa") }}
+      records: {{ zone_records }}
+      include: False
+    {% endif %}
     - user: {{ salt['pillar.get']('bind:config:user', map.user) }}
     - group: {{ salt['pillar.get']('bind:config:group', map.group) }}
     - mode: {{ salt['pillar.get']('bind:config:mode', '644') }}
@@ -228,9 +255,9 @@ zones{{ dash_view }}-{{ zone }}:
     - template: jinja
     {% if zone_records != {} %}
     - context:
-        zone: zones{{ dash_view }}-{{ zone }}
-        soa: {{ salt['pillar.get']("bind:available_zones:" + zone + ":soa") }}
-        include: {{ zones_directory }}/{{ file }}.include
+      zone: zones{{ dash_view }}-{{ zone }}
+      soa: {{ salt['pillar.get']("bind:available_zones:" + zone + ":soa") }}
+      include: {{ zones_directory }}/{{ file }}.include
     {% endif %}
     - user: {{ salt['pillar.get']('bind:config:user', map.user) }}
     - group: {{ salt['pillar.get']('bind:config:group', map.group) }}
@@ -243,9 +270,6 @@ zones{{ dash_view }}-{{ zone }}:
       - file: bind_zones_directory
       {% endif %}
 {% endif %}
-
-# 11. Sign the zone file. Configured in the bind and zones pillar files, and the map.jinja file.
-# Not sure of the hierarchy - turn off in all places if unwanted.
 {% if zone_data['dnssec'] is defined and zone_data['dnssec'] -%}
 signed{{ dash_view }}-{{ zone }}:
   cmd.run:
@@ -254,10 +278,8 @@ signed{{ dash_view }}-{{ zone }}:
     - prereq:
       - file: zones{{ dash_view }}-{{ zone }}
 {% endif %}
-
 {% endif %}
 
-# 12. More DNSSEC stuff
 {% if zone_data['auto-dnssec'] is defined -%}
 zsk-{{ zone }}:
   cmd.run:
@@ -268,7 +290,6 @@ zsk-{{ zone }}:
     - require:
       - file: bind_key_directory
 
-# 13. More DNSSEC stuff
 ksk-{{ zone }}:
   cmd.run:
     - cwd: {{ key_directory }}