diff --git a/files/suse_default-zones b/files/suse_default-zones
new file mode 100644
index 0000000..ebe47a6
--- /dev/null
+++ b/files/suse_default-zones
@@ -0,0 +1,26 @@
+# Managed by Puppet
+# Extracted from SUSE's default /etc/named.conf
+
+# The following zone definitions don't need any modification. The first one
+# is the definition of the root name servers. The second one defines
+# localhost while the third defines the reverse lookup for localhost.
+
+zone "." in {
+ type hint;
+ file "root.hint";
+};
+
+zone "localhost" in {
+ type master;
+ file "localhost.zone";
+};
+
+zone "0.0.127.in-addr.arpa" in {
+ type master;
+ file "127.0.0.zone";
+};
+
+zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
+ type master;
+ file "127.0.0.zone";
+};
diff --git a/manifests/config.pp b/manifests/config.pp
index 934285c..554bb0f 100644
--- a/manifests/config.pp
+++ b/manifests/config.pp
@@ -92,20 +92,31 @@
 mode => '0775',
 }
- file {'/var/log/named':
- ensure => directory,
- group => 'adm',
- mode => '0750',
- owner => $bind::params::bind_user,
- seltype => 'named_log_t',
+ if $::osfamily == 'Debian' or $::osfamily == 'RedHat' {
+ file {'/var/log/named':
+ ensure => directory,
+ group => 'adm',
+ mode => '0750',
+ owner => $bind::params::bind_user,
+ seltype => 'named_log_t',
+ }
 }
- $opts = {
-
- 'include' => "\"${bind::params::config_base_dir}/${bind::params::default_zones_file}\"",
- 'match-clients' => [ '"any"' ],
- 'recursion' => 'no',
+ if $::osfamily == 'Suse' {
+ file {'/etc/named.d/default-zones':
+ ensure => file,
+ owner => 'root',
+ group => 'root',
+ mode => '0644',
+ source => 'puppet:///modules/bind/suse_default-zones',
 }
+ }
+
+ $opts = {
+ 'include' => "\"${bind::params::config_base_dir}/${bind::params::default_zones_file}\"",
+ 'match-clients' => [ '"any"' ],
+ 'recursion' => 'no',
+ }
 $options = deep_merge($opts, $bind::default_view)
diff --git a/manifests/params.pp b/manifests/params.pp
index da0baf1..4a0e76c 100644
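Review bot: In manifests/config.pp the new Suse resource hard-codes `/etc/named.d/default-zones`, while the `include` entry in `$opts` just below builds the same path from `${bind::params::config_base_dir}/${bind::params::default_zones_file}`. If either parameter changes, named would include a file that Puppet no longer manages, so the resource title should be derived the same way: `file { "${bind::params::config_base_dir}/${bind::params::default_zones_file}":`. The hunk also stops managing `/var/log/named` on Suse; that fits the empty Suse default logging in params.pp, but a Suse node that overrides the logging settings with a file channel under that path would have to create the directory itself, which deserves a comment above the first `if`. The enclosing class starts and ends outside the hunk.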
--- a/manifests/params.pp
+++ b/manifests/params.pp
@@ -4,6 +4,31 @@
 # Please refer to Class['bind'].
 class bind::params {
+ if $::osfamily == 'Debian' {
+ $package_name = 'bind9'
+ $service_name = 'bind9'
+ $bind_user = 'bind'
+ $bind_group = 'bind'
+ $service_has_status = true
+ #$service_pattern will only be used if $service_has_status is false
+ $service_pattern = undef
+ $service_restart = '/etc/init.d/bind9 reload'
+ $config_base_dir = '/etc/bind'
+ $named_conf_name = 'named.conf'
+ $named_local_name = 'named.conf.local'
+ $zones_directory = '/etc/bind/zones'
+ $pri_directory = '/etc/bind/pri'
+ $keys_directory = '/etc/bind/keys'
+ $dynamic_directory = '/etc/bind/dynamic'
+ $acls_directory = '/etc/bind/acls'
+ $views_directory = '/etc/bind/views'
+ $default_zones_file = 'named.conf.default-zones'
+ $default_config = {
+ 'directory' => '"/var/cache/bind"',
+ 'dnssec-validation' => 'auto',
+ 'auth-nxdomain' => 'no',
+ 'listen-on-v6' => ['any'],
+ }
 $default_logging = {
 'channels' => {
 'simple_log' => {
@@ -18,84 +43,101 @@
 'default' => 'simple_log',
 },
 }
-
- if $::osfamily == 'Debian' {
- $package_name = 'bind9'
- $service_name = 'bind9'
- $bind_user = 'bind'
- $bind_group = 'bind'
- $service_has_status = true
- #$service_pattern will only be used if $service_has_status is false
- $service_pattern = undef
- $service_restart = '/etc/init.d/bind9 reload'
- $config_base_dir = '/etc/bind'
- $named_conf_name = 'named.conf'
- $named_local_name = 'named.conf.local'
- $zones_directory = '/etc/bind/zones'
- $pri_directory = '/etc/bind/pri'
- $keys_directory = '/etc/bind/keys'
- $dynamic_directory = '/etc/bind/dynamic'
- $acls_directory = '/etc/bind/acls'
- $views_directory = '/etc/bind/views'
- $default_zones_file = 'named.conf.default-zones'
- $default_config = {
- 'directory' => '"/var/cache/bind"',
- 'dnssec-validation' => 'auto',
- 'auth-nxdomain' => 'no',
- 'listen-on-v6' => ['any'],
- }
- if $bind::chroot {
- fail('Chroot mode is not yet implemented for Debian in this module.')
- }
+ if $bind::chroot {
+ fail('Chroot mode is not yet implemented for Debian in this module.')
+ }
+ }
+ elsif $::osfamily == 'RedHat' {
+ if $bind::chroot {
+ $package_name = 'bind-chroot'
+ $service_name = 'named-chroot'
+ # moving this under named so it also is available within the chroot.
+ $named_local_name = 'named/named.conf.local'
+ } else {
+ $package_name = 'bind'
+ $service_name = 'named'
+ $named_local_name = 'named.conf.local'
+ }
+ $bind_user = 'named'
+ $bind_group = 'named'
+ $service_pattern = undef
+ if versioncmp($::operatingsystemmajrelease,'7') < 0 {
+ $service_restart = "/etc/init.d/${service_name} restart"
+ $service_has_status = false
+ } else {
+ $service_restart = "/usr/bin/systemctl reload ${service_name}"
+ $service_has_status = true
+ }
+ $config_base_dir = '/etc'
+ $named_conf_name = 'named.conf'
+ $zones_directory = '/etc/named/zones'
+ $pri_directory = '/etc/named/pri'
+ $keys_directory = '/etc/named/keys'
+ $dynamic_directory = '/etc/named/dynamic'
+ $acls_directory = '/etc/named/acls'
+ $views_directory = '/etc/named/views'
+ $default_zones_file = 'named.rfc1912.zones'
+ $default_config = {
+ 'allow-query' => ['localhost'],
+ 'auth-nxdomain' => 'no',
+ 'bindkeys-file' => '"/etc/named.iscdlv.key"',
+ 'directory' => '"/var/named"',
+ 'dnssec-enable' => 'yes',
+ 'dnssec-validation' => 'yes',
+ 'dump-file' => '"/var/named/data/cache_dump.db"',
+ 'managed-keys-directory' => '"/var/named/dynamic"',
+ 'memstatistics-file' => '"/var/named/data/named_mem_stats.txt"',
+ 'pid-file' => '"/run/named/named.pid"',
+ 'listen-on' => ['127.0.0.1'],
+ 'listen-on-v6' => ['::1'],
+ 'session-keyfile' => '"/run/named/session.key"',
+ 'statistics-file' => '"/var/named/data/named_stats.txt"',
 }
- elsif $::osfamily == 'RedHat' {
- if $bind::chroot {
- $package_name = 'bind-chroot'
- $service_name = 'named-chroot'
- # moving this under named so it also is available within the chroot.
- $named_local_name = 'named/named.conf.local'
- } else {
- $package_name = 'bind'
- $service_name = 'named'
- $named_local_name = 'named.conf.local'
- }
- $bind_user = 'named'
- $bind_group = 'named'
- $service_pattern = undef
- if versioncmp($::operatingsystemmajrelease,'7') < 0 {
- $service_restart = "/etc/init.d/${service_name} restart"
- $service_has_status = false
- } else {
- $service_restart = "/usr/bin/systemctl reload ${service_name}"
- $service_has_status = true
- }
- $config_base_dir = '/etc'
- $named_conf_name = 'named.conf'
- $zones_directory = '/etc/named/zones'
- $pri_directory = '/etc/named/pri'
- $keys_directory = '/etc/named/keys'
- $dynamic_directory = '/etc/named/dynamic'
- $acls_directory = '/etc/named/acls'
- $views_directory = '/etc/named/views'
- $default_zones_file = 'named.rfc1912.zones'
- $default_config = {
- 'allow-query' => ['localhost'],
- 'auth-nxdomain' => 'no',
- 'bindkeys-file' => '"/etc/named.iscdlv.key"',
- 'directory' => '"/var/named"',
- 'dnssec-enable' => 'yes',
- 'dnssec-validation' => 'yes',
- 'dump-file' => '"/var/named/data/cache_dump.db"',
- 'managed-keys-directory' => '"/var/named/dynamic"',
- 'memstatistics-file' => '"/var/named/data/named_mem_stats.txt"',
- 'pid-file' => '"/run/named/named.pid"',
- 'listen-on' => ['127.0.0.1'],
- 'listen-on-v6' => ['::1'],
- 'session-keyfile' => '"/run/named/session.key"',
- 'statistics-file' => '"/var/named/data/named_stats.txt"',
- }
+ $default_logging = {
+ 'channels' => {
+ 'simple_log' => {
+ 'file' => '"/var/log/named/bind.log"',
+ 'severity' => 'warning',
+ 'print-time' => 'yes',
+ 'print-severity' => 'yes',
+ 'print-category' => 'yes',
+ },
+ },
+ 'categories' => {
+ 'default' => 'simple_log',
+ },
 }
- else {
- fail "Unknown ${::operatingsystem}"
+ }
+ elsif $::osfamily == 'Suse' {
+ $package_name = 'bind'
+ $service_name = 'named'
+ $named_local_name = 'named.conf.include'
+ $bind_user = 'named'
+ $bind_group = 'named'
+ $service_pattern = undef
+ $service_restart = "/usr/bin/systemctl reload ${service_name}"
+ $service_has_status = true
+ $config_base_dir = '/etc'
+ $named_conf_name = 'named.conf'
+ $zones_directory = '/etc/named.d/zones'
+ $pri_directory = '/etc/named.d/pri'
+ $keys_directory = '/etc/named.d/keys'
+ $dynamic_directory = '/etc/named.d/dyn'
+ $acls_directory = '/etc/named.d/acls'
+ $views_directory = '/etc/named.d/views'
+ $default_zones_file = 'named.d/default-zones'
+ $default_config = {
+ 'directory' => '"/var/lib/named"',
+ 'managed-keys-directory' => '"/var/lib/named/dyn"',
+ 'dump-file' => '"/var/log/named_dump.db"',
+ 'statistics-file' => '"/var/log/named.stats"',
+ 'listen-on-v6' => ['any'],
+ 'notify' => 'no',
+ 'disable-empty-zone' => '"1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA"',
 }
+ $default_logging = {}
+ }
+ else {
+ fail "Unknown ${::operatingsystem}"
+ }
 }
diff --git a/metadata.json b/metadata.json
index ff26aee..ce0212b 100644
--- a/metadata.json
+++ b/metadata.json
@@ -28,6 +28,18 @@
 "operatingsystemrelease": [
 "14.04"
 ]
+ },
+ {
+ "operatingsystem": "SLES",
+ "operatingsystemrelease": [
+ "12"
+ ]
+ },
+ {
+ "operatingsystem": "openSUSE",
+ "operatingsystemrelease": [
+ "42.2"
+ ]
 }
 ],
 "dependencies": [
diff --git a/spec/defines/bind_generate_spec.rb b/spec/defines/bind_generate_spec.rb
index b32ee60..1876e13 100644
--- a/spec/defines/bind_generate_spec.rb
+++ b/spec/defines/bind_generate_spec.rb
@@ -22,6 +22,8 @@
 '/etc/bind'
 when 'RedHat'
 '/etc/named'
+ when 'Suse'
+ '/etc/named.d'
 end
 end
diff --git a/spec/defines/bind_key_spec.rb b/spec/defines/bind_key_spec.rb
index 47f2d08..5066399 100644
--- a/spec/defines/bind_key_spec.rb
+++ b/spec/defines/bind_key_spec.rb
@@ -22,6 +22,8 @@
 '/etc/bind'
 when 'RedHat'
 '/etc/named'
+ when 'Suse'
+ '/etc/named.d'
 end
 end
diff --git a/spec/defines/bind_view_spec.rb b/spec/defines/bind_view_spec.rb
index 2149334..79c1b07 100644
--- a/spec/defines/bind_view_spec.rb
+++ b/spec/defines/bind_view_spec.rb
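Review bot: In manifests/params.pp the new `Suse` branch never looks at `$bind::chroot`, so `chroot => true` is silently ignored there, whereas the Debian branch fails and the RedHat branch switches to the `bind-chroot` package. An operator who asks for a chroot should not end up with an unconfined named without being told; add `if $bind::chroot { fail('Chroot mode is not yet implemented for Suse in this module.') }` inside the Suse branch. Separately, `$default_logging = {}` means no `logging` block is rendered on Suse, so named presumably falls back to its built-in logging defaults; a comment saying so would tell whoever sets up log collection not to expect `/var/log/named/bind.log` on these hosts. The class body starts outside this hunk.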
@@ -20,6 +20,8 @@
 '/etc/bind'
 when 'RedHat'
 '/etc/named'
+ when 'Suse'
+ '/etc/named.d'
 end
 end
diff --git a/spec/defines/bind_zone_spec.rb b/spec/defines/bind_zone_spec.rb
index 3f0248e..fdbe6c9 100644
--- a/spec/defines/bind_zone_spec.rb
+++ b/spec/defines/bind_zone_spec.rb
@@ -22,6 +22,8 @@
 '/etc/bind'
 when 'RedHat'
 '/etc/named'
+ when 'Suse'
+ '/etc/named.d'
 end
 end
@@ -29,7 +31,7 @@
 case facts[:osfamily]
 when 'Debian'
 'bind'
- when 'RedHat'
+ when /RedHat|Suse/
 'named'
 end
 end
diff --git a/templates/named.conf.erb b/templates/named.conf.erb
index c264231..d409c8b 100644
--- a/templates/named.conf.erb
+++ b/templates/named.conf.erb
@@ -1,3 +1,3 @@
 include "<%=scope.lookupvar("bind::params::config_base_dir")%>/acls.conf";
 include "<%=scope.lookupvar("bind::params::config_base_dir")%>/named.conf.options";
-include "<%=scope.lookupvar("bind::params::config_base_dir")%>/named.conf.local";
+include "<%=scope.lookupvar("bind::params::config_base_dir")%>/<%=scope.lookupvar("bind::params::named_local_name")%>";
diff --git a/templates/named.conf.options.erb b/templates/named.conf.options.erb
index be6a19a..3a58db0 100644
--- a/templates/named.conf.options.erb
+++ b/templates/named.conf.options.erb
@@ -16,6 +16,7 @@ options {
 <%end -%>
 };
+<%- unless @logging.empty? -%>
 logging {
 <% @logging['channels'].sort.each do |key, hash| -%>
 channel <%=key%> {
@@ -40,3 +41,4 @@ logging {
 };
 <%end -%>
 };
+<%end -%>
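Review bot: In the second hunk of spec/defines/bind_zone_spec.rb, `when /RedHat|Suse/` is an unanchored regex, so it matches any osfamily string that merely contains one of the two names, unlike the exact string comparison of the neighbouring `when 'Debian'`. `when 'RedHat', 'Suse'` keeps the match exact and reads the same as the other branches. The `case` has no `else`, so an unsupported family yields `nil` here; the block that contains it starts outside the hunk.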
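Review bot: In templates/named.conf.options.erb the new guard `unless @logging.empty?` only covers an empty hash: if `@logging` can reach the template as nil, `.empty?` raises, and a non-empty hash without a `'channels'` key still reaches `@logging['channels'].sort` on the following line. How `@logging` is populated is not visible in this diff, so the caller may already guarantee a hash; if it does not, `<%- unless @logging.nil? || @logging.empty? -%>` closes the first case. A template comment stating that an empty hash means no `logging` block is written, leaving named on its built-in logging defaults, would help whoever audits what these hosts log. The matching `<%end -%>` is added by the second hunk of this file, and the body of the `logging` block lies outside both hunks.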