mirror of
https://github.com/saltstack-formulas/bind-formula.git
Merge pull request #84 from nadvornik/serial
Auto-update zone file serial
commit
6e8652dcb3
3 changed files with 49 additions and 45 deletions
|
@ -168,62 +168,30 @@ bind_rndc_client_config:
|
|||
{%- endif %}
|
||||
{% endif %}
|
||||
|
||||
{% for zone, zone_data in salt['pillar.get']('bind:configured_zones', {}).items() -%}
|
||||
{%- set file = salt['pillar.get']("bind:available_zones:" + zone + ":file", false) %}
|
||||
{%- set zone_records = salt['pillar.get']('bind:available_zones:' + zone + ':records', {}) %}
|
||||
{# If we define RRs in pillar, we use the internal template to generate the zone file
|
||||
otherwise, we fallback to the old behaviour and use the declared file
|
||||
#}
|
||||
{%- set zone_source = 'salt://bind/files/zone.jinja' if zone_records != {} else 'salt://' ~ map.zones_source_dir ~ '/' ~ file %}
|
||||
{% if file and zone_data['type'] == "master" -%}
|
||||
zones-{{ zone }}:
|
||||
file.managed:
|
||||
- name: {{ map.named_directory }}/{{ file }}
|
||||
- source: {{ zone_source }}
|
||||
- template: jinja
|
||||
{% if zone_records != {} %}
|
||||
- context:
|
||||
soa: {{ salt['pillar.get']("bind:available_zones:" + zone + ":soa") }}
|
||||
records: {{ zone_records }}
|
||||
{% endif %}
|
||||
- user: {{ salt['pillar.get']('bind:config:user', map.user) }}
|
||||
- group: {{ salt['pillar.get']('bind:config:group', map.group) }}
|
||||
- mode: {{ salt['pillar.get']('bind:config:mode', '644') }}
|
||||
- watch_in:
|
||||
- service: bind
|
||||
- require:
|
||||
- file: named_directory
|
||||
|
||||
{% if zone_data['dnssec'] is defined and zone_data['dnssec'] -%}
|
||||
signed-{{ zone }}:
|
||||
cmd.run:
|
||||
- cwd: {{ map.named_directory }}
|
||||
- name: zonesigner -zone {{ zone }} {{ file }}
|
||||
- prereq:
|
||||
- file: zones-{{ zone }}
|
||||
{% endif %}
|
||||
|
||||
{% endif %}
|
||||
{% endfor %}
|
||||
|
||||
{%- for view, view_data in salt['pillar.get']('bind:configured_views', {}).items() %}
|
||||
{%- set views = {False: salt['pillar.get']('bind', {})} %}{# process non-view zones in the same loop #}
|
||||
{%- do views.update(salt['pillar.get']('bind:configured_views', {})) %}
|
||||
{%- for view, view_data in views.items() %}
|
||||
{%- set dash_view = '-' + view if view else '' %}
|
||||
{% for zone, zone_data in view_data.get('configured_zones', {}).items() -%}
|
||||
{%- set file = salt['pillar.get']("bind:available_zones:" + zone + ":file", false) %}
|
||||
{%- set zone_records = salt['pillar.get']('bind:available_zones:' + zone + ':records', {}) %}
|
||||
{# If we define RRs in pillar, we use the internal template to generate the zone file
|
||||
otherwise, we fallback to the old behaviour and use the declared file
|
||||
#}
|
||||
{%- set zone_source = 'salt://bind/zone.jinja' if zone_records != {} else 'salt://' ~ map.zones_source_dir ~ '/' ~ file %}
|
||||
{%- set zone_source = 'salt://bind/files/zone.jinja' if zone_records != {} else 'salt://' ~ map.zones_source_dir ~ '/' ~ file %}
|
||||
{%- set serial_auto = salt['pillar.get']('bind:available_zones:' + zone + ':soa:serial', '') == 'auto' %}
|
||||
{% if file and zone_data['type'] == 'master' -%}
|
||||
zones-{{ view }}-{{ zone }}:
|
||||
zones{{ dash_view }}-{{ zone }}{{ '.include' if serial_auto else ''}}:
|
||||
file.managed:
|
||||
- name: {{ map.named_directory }}/{{ file }}
|
||||
- name: {{ map.named_directory }}/{{ file }}{{ '.include' if serial_auto else ''}}
|
||||
- source: {{ zone_source }}
|
||||
- template: jinja
|
||||
{% if zone_records != {} %}
|
||||
- context:
|
||||
zone: zones{{ dash_view }}-{{ zone }}
|
||||
soa: {{ salt['pillar.get']("bind:available_zones:" + zone + ":soa") }}
|
||||
records: {{ zone_records }}
|
||||
include: False
|
||||
{% endif %}
|
||||
- user: {{ salt['pillar.get']('bind:config:user', map.user) }}
|
||||
- group: {{ salt['pillar.get']('bind:config:group', map.group) }}
|
||||
|
@ -233,13 +201,41 @@ zones-{{ view }}-{{ zone }}:
|
|||
- require:
|
||||
- file: named_directory
|
||||
|
||||
{% if serial_auto %}
|
||||
zones{{ dash_view }}-{{ zone }}:
|
||||
module.wait:
|
||||
- name: dnsutil.serial
|
||||
- update: True
|
||||
- zone: zones{{ dash_view }}-{{ zone }}
|
||||
- watch:
|
||||
- file: {{ map.named_directory }}/{{ file }}.include
|
||||
file.managed:
|
||||
- name: {{ map.named_directory }}/{{ file }}
|
||||
- require:
|
||||
- module: zones{{ dash_view }}-{{ zone }}
|
||||
- source: {{ zone_source }}
|
||||
- template: jinja
|
||||
{% if zone_records != {} %}
|
||||
- context:
|
||||
zone: zones{{ dash_view }}-{{ zone }}
|
||||
soa: {{ salt['pillar.get']("bind:available_zones:" + zone + ":soa") }}
|
||||
include: {{ file }}.include
|
||||
{% endif %}
|
||||
- user: {{ salt['pillar.get']('bind:config:user', map.user) }}
|
||||
- group: {{ salt['pillar.get']('bind:config:group', map.group) }}
|
||||
- mode: {{ salt['pillar.get']('bind:config:mode', '644') }}
|
||||
- watch_in:
|
||||
- service: bind
|
||||
- require:
|
||||
- file: named_directory
|
||||
{% endif %}
|
||||
{% if zone_data['dnssec'] is defined and zone_data['dnssec'] -%}
|
||||
signed-{{ view }}-{{ zone }}:
|
||||
signed{{ dash_view }}-{{ zone }}:
|
||||
cmd.run:
|
||||
- cwd: {{ map.named_directory }}
|
||||
- name: zonesigner -zone {{ zone }} {{ file }}
|
||||
- prereq:
|
||||
- file: zones-{{ view }}-{{ zone }}
|
||||
- file: zones{{ dash_view }}-{{ zone }}
|
||||
{% endif %}
|
||||
|
||||
{% endif %}
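Review bot: The `file.managed` part of the `serial_auto` state `zones{{ dash_view }}-{{ zone }}` lists `- require:` twice, once with `- module: zones{{ dash_view }}-{{ zone }}` right after `- name:` and again with `- file: named_directory` at the end of the state. As far as I know Salt keeps a single value per argument key when it compiles a state, so one of the two lists is probably dropped; this should be confirmed against the Salt version in use. If the module requisite is the one that is lost, nothing explicit guarantees the zone file is rendered after `dnsutil.serial` has bumped the counter, and the file could be written with the previous serial. Merging them removes the doubt: a single `- require:` holding both `- module: zones{{ dash_view }}-{{ zone }}` and `- file: named_directory`.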
|
||||
|
|
|
@ -3,6 +3,7 @@
|
|||
; Modify the values passed to the bind pillar instead.
|
||||
;
|
||||
{%- set zone_serial = soa['serial'] %}
|
||||
{%- set serial_auto = zone_serial == 'auto' %}
|
||||
{%- set zone_ns = soa['ns'] %}
|
||||
{%- set zone_contact = soa['contact'] %}
|
||||
{%- set zone_class = soa['class'] if soa['class'] is defined else 'IN' %}
|
||||
|
@ -11,17 +12,22 @@
|
|||
{%- set zone_expiry = soa['expiry'] if soa['expiry'] is defined else '2w' %}
|
||||
{%- set zone_nxdomain = soa['nxdomain'] if soa['nxdomain'] is defined else '1m' %}
|
||||
|
||||
{% if not serial_auto or include %}
|
||||
{% if soa['ttl'] is defined %}
|
||||
$TTL {{ soa['ttl'] }}
|
||||
{% endif %}
|
||||
@ {{ zone_class }} SOA {{ zone_ns }} {{ zone_contact }} (
|
||||
{{ zone_serial }} ; serial
|
||||
{{ salt['dnsutil.serial'](zone) if serial_auto else zone_serial }} ; serial
|
||||
{{ zone_refresh }} ; refresh
|
||||
{{ zone_retry }} ; retry
|
||||
{{ zone_expiry }} ; expiry
|
||||
{{ zone_nxdomain }} ; nxdomain ttl
|
||||
);
|
||||
{%- endif %}
|
||||
|
||||
{% if include %}
|
||||
$INCLUDE {{ include }}
|
||||
{% else %}
|
||||
{% for type, rrs in records.iteritems() %}
|
||||
;
|
||||
; {{ type }} RRs
|
||||
|
@ -36,3 +42,4 @@ $TTL {{ soa['ttl'] }}
|
|||
{%- endif %}
|
||||
{%- endfor %}
|
||||
{% endfor %}
|
||||
{%- endif %}
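Review bot: The template now depends on two context variables, `zone` and `include`, that nothing in the visible part of the file documents. `zone` has to be the same string that the formula's `module.wait` state passes as `- zone:` to `dnsutil.serial`, otherwise the SOA line prints a different counter from the one that was bumped. A Jinja comment next to the `serial_auto` assignment would record this, for example `{#- zone: key handed to dnsutil.serial, must match the module.wait state; include: path emitted as $INCLUDE, or False to render the records inline -#}`. The file's header comment begins outside the visible hunk, so it may need the same addition.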
|
||||
|
|
|
@ -272,6 +272,7 @@ bind:
|
|||
ns: ns1.example.com # Required
|
||||
contact: hostmaster.example.com # Required
|
||||
serial: 2017041001 # Required
|
||||
# serial: auto # Alternatively, autoupdate serial on each change
|
||||
class: IN # Optional. Default: IN
|
||||
refresh: 8600 # Optional. Default: 12h
|
||||
retry: 900 # Optional. Default: 15m
|
||||
|
|