Added feature rndc clinet

2025-04-15 17:20:21 +00:00 · 2017-10-29 16:46:24 +00:00 · 2017-10-29 16:46:24 +00:00 · 978ce84b15
commit 978ce84b15
parent 99593ccc8c
3 changed files with 31 additions and 3 deletions
--- a/bind/config.sls
+++ b/bind/config.sls
@ -147,6 +147,20 @@ bind_logging_config:
    - watch_in:
      - service: bind
 {%- endif %}
+{%- if salt['pillar.get']('bind:rndc_client', False) %}
+bind_rndc_client_config:
+  file.managed:
+    - name: {{ map.rndc_client_config }}
+    - source: salt://{{ map.config_source_dir }}/rndc.conf
+    - template: jinja
+    - user: {{ salt['pillar.get']('bind:config:user', map.user) }}
+    - group: {{ salt['pillar.get']('bind:config:group', map.group) }}
+    - mode: {{ salt['pillar.get']('bind:config:mode', '640') }}
+    - context:
+        map: {{ map }}
+    - require:
+      - pkg: bind
+{%- endif %}
 {% endif %}

 {% for zone, zone_data in salt['pillar.get']('bind:configured_zones', {}).items() -%}
--- a/bind/map.jinja
+++ b/bind/map.jinja
@ -11,6 +11,7 @@
        'default_config': '/etc/default/bind9',
        'default_zones_config': '/etc/bind/named.conf.default-zones',
        'logging_config': '/etc/bind/named.conf.logging',
+        'rndc_client_config': '/etc/bind/rndc.conf',
        'named_directory': '/var/cache/bind/zones',
        'log_dir': '/var/log/bind9',
        'log_mode': '644',
--- a/pillar.example
+++ b/pillar.example
@ -130,7 +130,6 @@ bind:
          print-time: yes
          print-category: yes
          print-severity: yes
-          syslog: dynamic
          severity: info
      category:
        default:
@ -209,8 +208,22 @@ bind:
        query-errors:
          - query-errors_log

-  controls:
-    local:
+  rndc_client:                                       # Generate rndc.conf file it uses previously defined keys
+    options:                                         
+      default:
+        server: localhost
+        port: 953
+        key: my_default_key
+    server:
+      '127.0.0.1':
+        key: dns_key
+      'localhost':
+        key: dns_key
+      '8.8.8.8':
+        key: my_default_key
+
+  controls:                                          # If you define controls then you also should configure rndc_client
+    local:                                           
      enabled: true
      bind:
        address: 127.0.0.1