Simplified/unified some of the config state definitions. Added logic to automatically convert lists in pillar data to lists of configuration data for options.

Shane Poage 2015-03-23 06:54:37 -05:00
parent 28def67f99
commit a883ffaf55
6 changed files with 75 additions and 84 deletions


@ -11,7 +11,7 @@ include:
bind_restart: bind_restart:
service.running: service.running:
- name: bind9 - name: {{ map.service }}
- reload: False - reload: False
- watch: - watch:
- file: {{ map.log_dir }}/query.log - file: {{ map.log_dir }}/query.log
@ -36,15 +36,16 @@ named_directory:
- require: - require:
- pkg: bind - pkg: bind
{% if grains['os_family'] == 'RedHat' %}
bind_config: bind_config:
file.managed: file.managed:
- name: {{ map.config }} - name: {{ map.config }}
- source: 'salt://bind/files/redhat/named.conf' - source: 'salt://{{ map.config_source_dir }}/named.conf'
- template: jinja - template: jinja
- user: {{ salt['pillar.get']('bind:config:user', map.user) }} - user: {{ salt['pillar.get']('bind:config:user', map.user) }}
- group: {{ salt['pillar.get']('bind:config:group', map.group) }} - group: {{ salt['pillar.get']('bind:config:group', map.group) }}
- mode: {{ salt['pillar.get']('bind:config:mode', '640') }} - mode: {{ salt['pillar.get']('bind:config:mode', map.mode) }}
- context:
map: {{ map }}
- require: - require:
- pkg: bind - pkg: bind
- watch_in: - watch_in:
@ -53,48 +54,7 @@ bind_config:
bind_local_config: bind_local_config:
file.managed: file.managed:
- name: {{ map.local_config }} - name: {{ map.local_config }}
- source: 'salt://bind/files/redhat/named.conf.local' - source: 'salt://{{ map.config_source_dir }}/named.conf.local'
- template: jinja
- user: {{ salt['pillar.get']('bind:config:user', map.user) }}
- group: {{ salt['pillar.get']('bind:config:group', map.group) }}
- mode: {{ salt['pillar.get']('bind:config:mode', '644') }}
- require:
- pkg: bind
- watch_in:
- service: named
{% endif %}
{% if grains['os_family'] == 'Debian' %}
bind_config:
file.managed:
- name: {{ map.config }}
- source: 'salt://bind/files/debian/named.conf'
- template: jinja
- user: {{ salt['pillar.get']('bind:config:user', map.user) }}
- group: {{ salt['pillar.get']('bind:config:group', map.group) }}
- mode: {{ salt['pillar.get']('bind:config:mode', '644') }}
- require:
- pkg: bind
- watch_in:
- service: bind
bind_key_config:
file.managed:
- name: {{ map.key_config }}
- source: 'salt://bind/files/debian/named.conf.key'
- template: jinja
- user: {{ salt['pillar.get']('bind:config:user', map.user) }}
- group: {{ salt['pillar.get']('bind:config:group', map.group) }}
- mode: {{ salt['pillar.get']('bind:config:mode', '644') }}
- require:
- pkg: bind
- watch_in:
- service: bind
bind_local_config:
file.managed:
- name: {{ map.local_config }}
- source: 'salt://bind/files/debian/named.conf.local'
- template: jinja - template: jinja
- user: {{ salt['pillar.get']('bind:config:user', map.user) }} - user: {{ salt['pillar.get']('bind:config:user', map.user) }}
- group: {{ salt['pillar.get']('bind:config:group', map.group) }} - group: {{ salt['pillar.get']('bind:config:group', map.group) }}
@ -107,10 +67,24 @@ bind_local_config:
- watch_in: - watch_in:
- service: bind - service: bind
{% if grains['os_family'] == 'Debian' %}
bind_key_config:
file.managed:
- name: {{ map.key_config }}
- source: 'salt://{{ map.config_source_dir }}/named.conf.key'
- template: jinja
- user: {{ salt['pillar.get']('bind:config:user', map.user) }}
- group: {{ salt['pillar.get']('bind:config:group', map.group) }}
- mode: {{ salt['pillar.get']('bind:config:mode', '644') }}
- require:
- pkg: bind
- watch_in:
- service: bind
bind_options_config: bind_options_config:
file.managed: file.managed:
- name: {{ map.options_config }} - name: {{ map.options_config }}
- source: 'salt://bind/files/debian/named.conf.options' - source: 'salt://{{ map.config_source_dir }}/named.conf.options'
- template: jinja - template: jinja
- user: {{ salt['pillar.get']('bind:config:user', map.user) }} - user: {{ salt['pillar.get']('bind:config:user', map.user) }}
- group: {{ salt['pillar.get']('bind:config:group', map.group) }} - group: {{ salt['pillar.get']('bind:config:group', map.group) }}
@ -123,7 +97,7 @@ bind_options_config:
bind_default_zones: bind_default_zones:
file.managed: file.managed:
- name: {{ map.default_zones_config }} - name: {{ map.default_zones_config }}
- source: 'salt://bind/files/debian/named.conf.default-zones' - source: 'salt://{{ map.config_source_dir }}/named.conf.default-zones'
- template: jinja - template: jinja
- user: {{ salt['pillar.get']('bind:config:user', map.user) }} - user: {{ salt['pillar.get']('bind:config:user', map.user) }}
- group: {{ salt['pillar.get']('bind:config:group', map.group) }} - group: {{ salt['pillar.get']('bind:config:group', map.group) }}
@ -135,17 +109,16 @@ bind_default_zones:
/etc/logrotate.d/{{ map.service }}: /etc/logrotate.d/{{ map.service }}:
file.managed: file.managed:
- source: salt://bind/files/debian/logrotate_bind - source: salt://{{ map.config_source_dir }}/logrotate_bind
- template: jinja - template: jinja
- user: root - user: root
- group: root - group: root
- template: jinja - template: jinja
- context: - context:
map: {{ map }} map: {{ map }}
{% endif %} {% endif %}
{% for key,args in salt['pillar.get']('bind:configured_zones', {}).iteritems() -%} {% for key, args in salt['pillar.get']('bind:configured_zones', {}).iteritems() -%}
{%- set file = salt['pillar.get']("bind:available_zones:" + key + ":file") %} {%- set file = salt['pillar.get']("bind:available_zones:" + key + ":file") %}
{% if args['type'] == "master" -%} {% if args['type'] == "master" -%}
zones-{{ file }}: zones-{{ file }}:
@ -161,7 +134,7 @@ zones-{{ file }}:
- file: {{ map.named_directory }} - file: {{ map.named_directory }}
{% if args['dnssec'] is defined and args['dnssec'] -%} {% if args['dnssec'] is defined and args['dnssec'] -%}
signed-{{file}}: signed-{{ file }}:
cmd.run: cmd.run:
- cwd: {{ map.named_directory }} - cwd: {{ map.named_directory }}
- name: zonesigner -zone {{ key }} {{ file }} - name: zonesigner -zone {{ key }} {{ file }}
@ -173,9 +146,9 @@ signed-{{file}}:
{% endfor %} {% endfor %}
{%- for view, view_data in salt['pillar.get']('bind:configured_views', {}).iteritems() %} {%- for view, view_data in salt['pillar.get']('bind:configured_views', {}).iteritems() %}
{% for key,args in view_data.get('configured_zones', {}).iteritems() -%} {% for key,args in view_data.get('configured_zones', {}).iteritems() -%}
{%- set file = salt['pillar.get']("bind:available_zones:" + key + ":file") %} {%- set file = salt['pillar.get']("bind:available_zones:" + key + ":file") %}
{% if args['type'] == "master" -%} {% if args['type'] == "master" -%}
zones-{{ file }}: zones-{{ file }}:
file.managed: file.managed:
- name: {{ map.named_directory }}/{{ file }} - name: {{ map.named_directory }}/{{ file }}
@ -188,15 +161,15 @@ zones-{{ file }}:
- require: - require:
- file: {{ map.named_directory }} - file: {{ map.named_directory }}
{% if args['dnssec'] is defined and args['dnssec'] -%} {% if args['dnssec'] is defined and args['dnssec'] -%}
signed-{{file}}: signed-{{ file }}:
cmd.run: cmd.run:
- cwd: {{ map.named_directory }} - cwd: {{ map.named_directory }}
- name: zonesigner -zone {{ key }} {{ file }} - name: zonesigner -zone {{ key }} {{ file }}
- prereq: - prereq:
- file: zones-{{ file }} - file: zones-{{ file }}
{% endif %} {% endif %}
{% endif %} {% endif %}
{% endfor %} {% endfor %}
{% endfor %} {% endfor %}
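Review bot: The relocated `bind_key_config` state in the `@ -107,10 +67,24 @@` hunk still defaults to mode `'644'` and reads the same `bind:config:mode` pillar as the ordinary config files, so the file at `map.key_config` is world-readable unless the mode is tightened for every file at once. If that file holds the key material that the `bind:keys` pillar suggests (its template is not shown on this page), any local account on the name server could read the secrets used to authorise updates and transfers. A fixed `- mode: '640'` on this one state, or at least a `'640'` fallback in its `pillar.get`, would keep it readable by the group the state already assigns while excluding other users.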


@ -6,6 +6,8 @@
// //
// If you are just adding zones, please do that in /etc/bind/named.conf.local // If you are just adding zones, please do that in /etc/bind/named.conf.local
include "/etc/bind/named.conf.key"; include "{{ map.options_config }}";
include "/etc/bind/named.conf.options"; include "{{ map.local_config }}";
include "/etc/bind/named.conf.local"; {%- if salt['pillar.get']('bind:keys', {}) is defined %}
include "{{ map.key_config }}";
{% endif %}
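Review bot: The guard `salt['pillar.get']('bind:keys', {}) is defined` is always true, because `pillar.get` returns the `{}` default when the key is absent and an empty dict is still a defined value; the `include "{{ map.key_config }}";` line is therefore emitted unconditionally. If the intent is to include the key file only when keys are configured, test truthiness instead: `{%- if salt['pillar.get']('bind:keys', {}) %}`. As far as the states shown in this commit go, the Debian branch always manages `map.key_config`, so the always-true branch should not break loading today, but the condition reads as a safeguard it does not provide. The template begins above this hunk.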


@ -15,7 +15,7 @@ zone "{{ key }}" {
{% else -%} {% else -%}
file "zones/{{ file }}"; file "zones/{{ file }}";
{%- endif %} {%- endif %}
{% if args['allow-update'] is defined -%} {% if args['allow-update'] is defined -%}
allow-update { {{args['allow-update']}}; }; allow-update { {{args['allow-update']}}; };
{%- endif %} {%- endif %}
{%- if args.update_policy is defined %} {%- if args.update_policy is defined %}
@ -23,7 +23,7 @@ zone "{{ key }}" {
{%- for policy in args.update_policy %} {%- for policy in args.update_policy %}
{{ policy }}; {{ policy }};
{%- endfor %} {%- endfor %}
}; };
{%- endif %} {%- endif %}
{% if args['type'] == "master" -%} {% if args['type'] == "master" -%}
{% if args['notify'] -%} {% if args['notify'] -%}
@ -38,11 +38,11 @@ zone "{{ key }}" {
}; };
{%- endmacro %} {%- endmacro %}
{%- if not pillar.bind.configured_views is defined %} {%- if salt['pillar.get']('bind:configured_views', {}) is not defined %}
include "/etc/bind/named.conf.default-zones"; include "{{ map.default_zones_config }}";
{%- endif %} {%- endif %}
{% for key,args in salt['pillar.get']('bind:configured_zones', {}).iteritems() -%} {% for key, args in salt['pillar.get']('bind:configured_zones', {}).iteritems() -%}
{%- set file = salt['pillar.get']("bind:available_zones:" + key + ":file") %} {%- set file = salt['pillar.get']("bind:available_zones:" + key + ":file") %}
{%- set masters = salt['pillar.get']("bind:available_zones:" + key + ":masters") %} {%- set masters = salt['pillar.get']("bind:available_zones:" + key + ":masters") %}
{{ zone(key, args, file, masters) }} {{ zone(key, args, file, masters) }}
@ -50,18 +50,18 @@ include "/etc/bind/named.conf.default-zones";
{% for view, view_data in salt['pillar.get']('bind:configured_views', {}).iteritems() %} {% for view, view_data in salt['pillar.get']('bind:configured_views', {}).iteritems() %}
view {{ view }}{ view {{ view }} {
{%- if view == 'default' %} {%- if view == 'default' %}
include "/etc/bind/named.conf.default-zones"; include "{{ map.default_zones_config }}";
{%- endif %} {%- endif %}
match-clients{ match-clients {
{%- for acl in view_data.get('match_clients', {}) %} {%- for acl in view_data.get('match_clients', {}) %}
{{ acl }}; {{ acl }};
{%- endfor %} {%- endfor %}
}; };
{% for key,args in view_data.get('configured_zones', {}).iteritems() -%} {% for key, args in view_data.get('configured_zones', {}).iteritems() -%}
{%- set file = salt['pillar.get']("bind:available_zones:" + key + ":file") %} {%- set file = salt['pillar.get']("bind:available_zones:" + key + ":file") %}
{%- set masters = salt['pillar.get']("bind:available_zones:" + key + ":masters") %} {%- set masters = salt['pillar.get']("bind:available_zones:" + key + ":masters") %}
{{ zone(key, args, file, masters) }} {{ zone(key, args, file, masters) }}
@ -70,6 +70,9 @@ match-clients{
{%- endfor %} {%- endfor %}
logging { logging {
channel "querylog" { file "{{ map.log_dir }}/query.log"; print-time yes; }; channel "querylog" {
file "{{ map.log_dir }}/query.log";
print-time yes;
};
category queries { querylog; }; category queries { querylog; };
}; };
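Review bot: The rewritten condition `salt['pillar.get']('bind:configured_views', {}) is not defined` in the `@ -38,11 +38,11 @@` hunk can never be true, because `pillar.get` returns the `{}` default and an empty dict is defined; with no views configured, `include "{{ map.default_zones_config }}";` is now never rendered. The previous expression tested the pillar key itself, so this is a behaviour change rather than a refactor, and a server without views would silently lose whatever that file provides (on Debian presumably the root hints and loopback zones). A truthiness test restores the intent: `{%- if not salt['pillar.get']('bind:configured_views', {}) %}`.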


@ -15,12 +15,21 @@ options {
// }; // };
auth-nxdomain no; # conform to RFC1035 auth-nxdomain no; # conform to RFC1035
{% if salt['pillar.get']('bind:config:ipv6', 'False') %}
listen-on-v6 { {{ salt['pillar.get']('bind:config:ipv6_listen', 'any') }}; };
{% endif -%}
{# Allow inclusion of arbitrary statements -#} {%- if salt['pillar.get']('bind:config:ipv6', False) %}
{% for statement, value in salt['pillar.get']('bind:config:options', {}).iteritems() -%} listen-on-v6 { {{ salt['pillar.get']('bind:config:ipv6_listen', 'any') }}; };
{{ statement }} {{ value}} {%- endif -%}
{% endfor -%}
{#- Allow inclusion of arbitrary statements #}
{%- for statement, value in salt['pillar.get']('bind:config:options', {}).iteritems() -%}
{%- if value is iterable and value is not string %}
{{ statement }} {
{%- for item in value %}
{{ item }};
{%- endfor %}
};
{%- else %}
{{ statement }} {{ value }};
{%- endif %}
{%- endfor %}
}; };
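Review bot: The new list branch is selected by `value is iterable and value is not string`, which also matches a mapping, so a nested dict under `bind:config:options` would be rendered as a block containing only its keys and its values would be dropped without any error. Adding `and value is not mapping` to the test sends such a value to the scalar branch, where the mistake is at least visible in the rendered file. Because every statement and item from pillar is written verbatim into the `options` block, it would also help to put a short Jinja comment above the loop saying which value shapes are supported (string, number, list of strings), and that each entry is terminated with `;` by the template, so pillar values must not carry their own.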


@ -41,5 +41,5 @@ zone "." IN {
}; };
include "/etc/named.rfc1912.zones"; include "/etc/named.rfc1912.zones";
include "/etc/named.conf.local"; include "{{ map.local_config }}";
include "/etc/named.root.key"; include "/etc/named.root.key";


@ -2,6 +2,7 @@
'Debian': { 'Debian': {
'pkgs': ['bind9', 'bind9utils', 'dnssec-tools'], 'pkgs': ['bind9', 'bind9utils', 'dnssec-tools'],
'service': 'bind9', 'service': 'bind9',
'config_source_dir': 'bind/files/debian',
'config': '/etc/bind/named.conf', 'config': '/etc/bind/named.conf',
'local_config': '/etc/bind/named.conf.local', 'local_config': '/etc/bind/named.conf.local',
'key_config': '/etc/bind/named.conf.key', 'key_config': '/etc/bind/named.conf.key',
@ -10,17 +11,20 @@
'named_directory': '/var/cache/bind/zones', 'named_directory': '/var/cache/bind/zones',
'log_dir': '/var/log/bind9', 'log_dir': '/var/log/bind9',
'user': 'root', 'user': 'root',
'group': 'bind' 'group': 'bind',
'mode': '644'
}, },
'RedHat': { 'RedHat': {
'pkgs': ['bind'], 'pkgs': ['bind'],
'service': 'named', 'service': 'named',
'config_source_dir': 'bind/files/redhat',
'config': '/etc/named.conf', 'config': '/etc/named.conf',
'local_config': '/etc/named.conf.local', 'local_config': '/etc/named.conf.local',
'named_directory': '/var/named/data', 'named_directory': '/var/named/data',
'log_dir': '/var/log/named', 'log_dir': '/var/log/named',
'user': 'root', 'user': 'root',
'group': 'named' 'group': 'named',
'mode': '640'
}, },
}, merge=salt['grains.filter_by']({ }, merge=salt['grains.filter_by']({
'Ubuntu': { 'Ubuntu': {