saltstack-formulas/bind-formula
1
0
Fork 0
mirror of https://github.com/saltstack-formulas/bind-formula.git synced 2025-04-16 09:40:22 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge pull request #135 from myii/chore/standardise-structure

Browse source 
feat(yamllint): include for this repo and apply rules throughout
This commit is contained in:
Niels Abspoel 2019-08-17 09:50:03 +02:00 committed by GitHub
commit d23c01f737
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 93 additions and 59 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
.travis.yml
View file

@ -3,7 +3,7 @@
--- ---
stages: stages:
- test - test
- commitlint - lint
- name: release - name: release
if: branch = master AND type != pull_request if: branch = master AND type != pull_request
@ -45,16 +45,21 @@ script:
jobs: jobs:
include: include:
# Define the commitlint stage # Define the `lint` stage (runs `yamllint` and `commitlint`)
- stage: commitlint - stage: lint
language: node_js language: node_js
node_js: lts/* node_js: lts/*
before_install: skip before_install: skip
script: script:
# Install and run `yamllint`
- pip install --user yamllint
# yamllint disable-line rule:line-length
- yamllint -s . .yamllint pillar.example test/salt/pillar/default.sls
# Install and run `commitlint`
- npm install @commitlint/config-conventional -D - npm install @commitlint/config-conventional -D
- npm install @commitlint/travis-cli -D - npm install @commitlint/travis-cli -D
- commitlint-travis - commitlint-travis
# Define the release stage that runs semantic-release # Define the release stage that runs `semantic-release`
- stage: release - stage: release
language: node_js language: node_js
node_js: lts/* node_js: lts/*

24
.yamllint Normal file
View file

@ -0,0 +1,24 @@
# -*- coding: utf-8 -*-
# vim: ft=yaml
---
# Extend the `default` configuration provided by `yamllint`
extends: default
# Files to ignore completely
# 1. All YAML files under directory `node_modules/`, introduced during the Travis run
ignore: |
node_modules/
rules:
comments-indentation:
ignore: |
pillar.example
key-duplicates:
ignore: |
pillar.example
line-length:
ignore: |
pillar.example
# Increase from default of `80`
# Based on https://github.com/PyCQA/flake8-bugbear#opinionated-warnings (`B950`)
max: 88

100
pillar.example
View file

@ -1,6 +1,9 @@
# -*- coding: utf-8 -*-
# vim: ft=yaml
---
# Note - Each section beginning with 'bind:' below represents a different way you may configure # Note - Each section beginning with 'bind:' below represents a different way you may configure
pillars for bind. When configuring your pillar(s), you may use any combination of subsections, # pillars for bind. When configuring your pillar(s), you may use any combination of subsections,
but salt will not merge sections with the same heading. # but salt will not merge sections with the same heading.
### Overrides for the defaults specified by ### ### Overrides for the defaults specified by ###
@ -32,36 +35,36 @@ bind:
use_extensive_logging: # Enable extensive config for logging. Partial example. For proposed settings please refer to use_extensive_logging: # Enable extensive config for logging. Partial example. For proposed settings please refer to
channel: # https://kb.isc.org/article/AA-01526/0/BIND-Logging-some-basic-recommendations.html channel: # https://kb.isc.org/article/AA-01526/0/BIND-Logging-some-basic-recommendations.html
default_log: default_log:
file: default file: default
size: '200m' # size of a individual file (default 20m) size: '200m' # size of a individual file (default 20m)
versions: '10' # how many files will be stored (default 3) versions: '10' # how many files will be stored (default 3)
print-time: yes print-time: true
print-category: yes print-category: true
print-severity: yes print-severity: true
severity: info severity: info
queries_log: queries_log:
file: queries file: queries
print-time: yes print-time: true
print-category: yes print-category: true
print-severity: yes print-severity: true
severity: info severity: info
query-errors_log: query-errors_log:
file: query-errors file: query-errors
print-time: yes print-time: true
print-category: yes print-category: true
print-severity: yes print-severity: true
severity: dynamic severity: dynamic
default_syslog: default_syslog:
print-time: yes print-time: true
print-category: yes print-category: true
print-severity: yes print-severity: true
syslog: daemon syslog: daemon
severity: info severity: info
default_debug: default_debug:
file: named.run file: named.run
print-time: yes print-time: true
print-category: yes print-category: true
print-severity: yes print-severity: true
severity: info severity: info
category: category:
default: default:
@ -99,21 +102,21 @@ bind:
# (ipv4: 4, ipv6: 6). Omitting this reverts to # (ipv4: 4, ipv6: 6). Omitting this reverts to
# binds default of both. # binds default of both.
# Debian and FreeBSD based systems # Debian and FreeBSD based systems
default_zones: True # If set to True, the default-zones configuration default_zones: true # If set to true, the default-zones configuration
# will be enabled. Defaults to False. # will be enabled. Defaults to false.
includes: # Include any additional configuration file(s) in includes: # Include any additional configuration file(s) in
- /some/additional/named.conf # named.conf - /some/additional/named.conf # named.conf
# Debian based systems optional configs # Debian based systems optional configs
bind: bind:
config: config:
options: options:
querylog: 'yes' # Enable query logs, by default is disabled in map.jinja (yes,no) querylog: 'yes' # Enable query logs, by default is disabled in map.jinja (yes,no)
rndc_client: # Generate rndc.conf file it uses previously defined keys rndc_client: # Generate rndc.conf file it uses previously defined keys
options: options:
default: default:
server: localhost server: localhost
port: 953 port: 953
@ -127,7 +130,7 @@ bind:
key: my_default_key key: my_default_key
controls: # If you define controls then you also should configure rndc_client controls: # If you define controls then you also should configure rndc_client
local: local:
enabled: true enabled: true
bind: bind:
address: 127.0.0.1 address: 127.0.0.1
@ -147,7 +150,7 @@ bind:
keys: keys:
- core_dhcp - core_dhcp
statistics: # Enable statistics-channel statistics: # Enable statistics-channel
local: local:
enabled: true enabled: true
bind: bind:
@ -166,38 +169,38 @@ bind:
configured_zones: # Debian based systems can have zones using only configured_zones configured_zones: # Debian based systems can have zones using only configured_zones
sub.domain.com: # This zone will be copied from zones_source_dir sub.domain.com: # This zone will be copied from zones_source_dir
file: sub.domain.com # You can optionally specify name of a file here. file: sub.domain.com # You can optionally specify name of a file here.
type: master # Yo don't have define zone again in available_zones. type: master # Yo don't have define zone again in available_zones.
# This feature is backward compatibile and only available in debian # This feature is backward compatibile and only available in debian
notify: False # if type master you need specify notify True/False notify: false # if type master you need specify notify true/false
sub2.domain.com: sub2.domain.com:
file: sub2.domain.com file: sub2.domain.com
type: master type: master
notify: True notify: true
allow-query: allow-query:
- any - any
allow-transfer: allow-transfer:
- my_net - my_net
allow-update: 'none' allow-update: 'none'
also-notify: also-notify:
- 1.2.3.4 - 1.2.3.4
- 1.2.3.3 - 1.2.3.3
zone-statistics: yes # Enable detailed statistics for zone. You need enable statistics first zone-statistics: true # Enable detailed statistics for zone. You need enable statistics first
test.zone.com: test.zone.com:
file: test.zone.com file: test.zone.com
type: slave type: slave
notify: False notify: false
masters: masters:
- my_dns_masters # You can specify masters by using name - my_dns_masters # You can specify masters by using name
test.zone2.com: # Zone definied in default style of this formula test.zone2.com: # Zone definied in default style of this formula
type: slave # You need specify all info inside available_zones type: slave # You need specify all info inside available_zones
notify: False notify: false
configured_masters: # Configure master dns configured_masters: # Configure master dns
my_dns_masters: my_dns_masters:
- 10.10.20.20 - 10.10.20.20
- 10.10.30.30 - 10.10.30.30
@ -210,13 +213,12 @@ bind:
- 10.167.73.21 - 10.167.73.21
- 10.174.60.44 - 10.174.60.44
# End Debian based systems features # End Debian based systems features
# on SUSE include the forwarders.conf file generated by netconfig(8) # on SUSE include the forwarders.conf file generated by netconfig(8)
bind: bind:
config: config:
include_forwarders: True include_forwarders: true
### Keys, Zones, ACLs and Views ### ### Keys, Zones, ACLs and Views ###
@ -228,7 +230,7 @@ bind:
configured_zones: configured_zones:
sub.domain.com: # First domain zone sub.domain.com: # First domain zone
type: master # We're the master of this zone type: master # We're the master of this zone
notify: False # Don't notify any NS RRs of any changes to zone notify: false # Don't notify any NS RRs of any changes to zone
also-notify: # Do notify these IP addresses (pointless as also-notify: # Do notify these IP addresses (pointless as
- 1.1.1.1 # notify has been set to no) - 1.1.1.1 # notify has been set to no)
- 2.2.2.2 # If using views, do not define configured_zones - 2.2.2.2 # If using views, do not define configured_zones
@ -237,20 +239,20 @@ bind:
sub.domain2.com: # Domain zone with DNSSEC sub.domain2.com: # Domain zone with DNSSEC
type: master # We're the master of this zone type: master # We're the master of this zone
notify: False # Don't notify any NS RRs of any changes to zone notify: false # Don't notify any NS RRs of any changes to zone
dnssec: True # Create and manage signed zonefile with zonesigner dnssec: true # Create and manage signed zonefile with zonesigner
# You will have to install dnssec-tools by hand # You will have to install dnssec-tools by hand
# on many distributions # on many distributions
sub.domain3.com: # Domain zone with DNSSEC sub.domain3.com: # Domain zone with DNSSEC
type: master # We're the master of this zone type: master # We're the master of this zone
notify: False # Don't notify any NS RRs of any changes to zone notify: false # Don't notify any NS RRs of any changes to zone
auto-dnssec: 'maintain' # Bind will create and manage the signed zonefile auto-dnssec: 'maintain' # Bind will create and manage the signed zonefile
# itself, we only have to provide the clear zone # itself, we only have to provide the clear zone
1.168.192.in-addr.arpa: # Reverse lookup for local IPs 1.168.192.in-addr.arpa: # Reverse lookup for local IPs
type: master # As above type: master # As above
notify: False # As above notify: false # As above
allow-transfer: # As above allow-transfer: # As above
- 1.1.1.1 - 1.1.1.1
- 2.2.2.2 - 2.2.2.2
@ -258,7 +260,7 @@ bind:
dynamic.domain.com: # Our ddns zone dynamic.domain.com: # Our ddns zone
type: master # As above type: master # As above
allow-update: "key core_dhcp" # Who we allow updates from (refers to above key) allow-update: "key core_dhcp" # Who we allow updates from (refers to above key)
notify: True # Notify NS RRs of changes notify: true # Notify NS RRs of changes
sub.anotherdomain.com: # Another domain zone sub.anotherdomain.com: # Another domain zone
type: forward # This time it's a forwarding zone type: forward # This time it's a forwarding zone
@ -290,7 +292,7 @@ bind:
# serve a different record set in each. # serve a different record set in each.
# If doing this, you need to configure the zones and their record sets # If doing this, you need to configure the zones and their record sets
# underneath the 'available_zones' section. # underneath the 'available_zones' section.
notify: False notify: false
update_policy: # A given update policy update_policy: # A given update policy
- "grant core_dhcp name dns_entry_allowed_to_update. ANY" - "grant core_dhcp name dns_entry_allowed_to_update. ANY"
@ -341,8 +343,6 @@ bind:
_dmarc: '"v=DMARC1; p=quarantine; rua=mailto:dmarc@example.com; fo=1:d:s; adkim=r; aspf=r; pct=100; ri=86400"' _dmarc: '"v=DMARC1; p=quarantine; rua=mailto:dmarc@example.com; fo=1:d:s; adkim=r; aspf=r; pct=100; ri=86400"'
3.2.1.in-addr.arpa: # auto-generated reverse zone 3.2.1.in-addr.arpa: # auto-generated reverse zone
file: example.com.rev.txt file: example.com.rev.txt
soa: # Declare the SOA RRs for the zone soa: # Declare the SOA RRs for the zone

3
test/integration/default/inspec.yml
View file

@ -1,3 +1,6 @@
# -*- coding: utf-8 -*-
# vim: ft=yaml
---
name: default name: default
title: bind formula title: bind formula
maintainer: SaltStack Formulas maintainer: SaltStack Formulas

12
test/salt/pillar/default.sls
View file

@ -1,3 +1,6 @@
# -*- coding: utf-8 -*-
# vim: ft=yaml
---
bind: bind:
configured_acls: configured_acls:
client1: client1:
@ -8,15 +11,15 @@ bind:
configured_zones: configured_zones:
example.com: example.com:
type: master type: master
notify: False notify: false
update_policy: update_policy:
- "grant core_dhcp name dns_entry_allowed_to_update. ANY" - "grant core_dhcp name dns_entry_allowed_to_update. ANY"
example.net: example.net:
type: master type: master
notify: False notify: false
example.org: example.org:
type: slave type: slave
notify: False notify: false
masters: masters:
- 192.0.2.1 - 192.0.2.1
- 192.0.2.2 - 192.0.2.2
@ -25,7 +28,7 @@ bind:
notify: false notify: false
100.51.198.in-addr.arpa: 100.51.198.in-addr.arpa:
type: master type: master
notify: False notify: false
available_zones: available_zones:
example.net: example.net:
file: example.net file: example.net
@ -111,4 +114,3 @@ bind:
net: 198.51.100.0/24 net: 198.51.100.0/24
for_zones: for_zones:
- example.net - example.net