Home Explore Help
Register Sign In
FreifunkHochstift
/
ffho-salt-public
2
0
Fork 2
Files Issues 0 Pull Requests 0
Tree: 04a731046d
Branches Tags
ffho-salt-pu...
/
dns-server
/
init.sls

init.sls 2.3 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109 
  1. #
    2. 

  2. # FFHO DNS Server configuration (authoritive / recursive)
    3. 

  3. #
    4. 

  4. 

  5. {% set roles = salt['pillar.get']('node:roles', []) %}
    6. 

  6. 

  7. bind9:
    8. 

  8.   pkg.installed:
    9. 

  9.     - name: bind9
    10. 

  10.   service.running:
    11. 

  11.     - enable: True
    12. 

  12.     - reload: True
    13. 

  13. 

  14. # Reload command
    15. 

  15. rndc-reload:
    16. 

  16.   cmd.wait:
    17. 

  17.     - watch: []
    18. 

  18.     - name: /usr/sbin/rndc reload
    19. 

  19. 

  20. 

  21. # Bind options
    22. 

  22. /etc/bind/named.conf.options:
    23. 

  23.   file.managed:
    24. 

  24. {% if 'dns-recursor' in roles %}
    25. 

  25.     - source: salt://dns-server/named.conf.options.recursor
    26. 

  26. {% else %}
    27. 

  27.     - source: salt://dns-server/named.conf.options
    28. 

  28. {% endif %}
    29. 

  29.     - template: jinja
    30. 

  30.     - require:
    31. 

  31.       - pkg: bind9
    32. 

  32.     - watch_in:
    33. 

  33.       - cmd: rndc-reload
    34. 

  34. 

  35. 

  36. # Configure authoritive zones in local config
    37. 

  37. /etc/bind/named.conf.local:
    38. 

  38.   file.managed:
    39. 

  39.     - source: salt://dns-server/named.conf.local
    40. 

  40.     - template: jinja
    41. 

  41.     - require:
    42. 

  42.       - pkg: bind9
    43. 

  43.     - watch_in:
    44. 

  44.       - cmd: rndc-reload
    45. 

  45. 

  46. 

  47. # Create zones directory
    48. 

  48. /etc/bind/zones/:
    49. 

  49.   file.directory:
    50. 

  50.     - makedirs: true
    51. 

  51.     - user: root
    52. 

  52.     - group: root
    53. 

  53.     - mode: 755
    54. 

  54.     - require:
    55. 

  55.       - pkg: bind9
    56. 

  56. 

  57. 

  58. # Copy static zone files
    59. 

  59. /etc/bind/zones/static:
    60. 

  60.   file.recurse:
    61. 

  61.     - source: salt://dns-server/zones/static/
    62. 

  62.     - file_mode: 644
    63. 

  63.     - dir_mode: 755
    64. 

  64.     - user: root
    65. 

  65.     - group: root
    66. 

  66.     - clean: True
    67. 

  67.     - require:
    68. 

  68.       - file: /etc/bind/zones/
    69. 

  69.     - watch_in:
    70. 

  70.       - cmd: rndc-reload
    71. 

  71. 

  72. 

  73. # Install hybrid zone templates
    74. 

  74. /etc/bind/zones/hybrid:
    75. 

  75.   file.recurse:
    76. 

  76.     - source: salt://dns-server/zones/hybrid/
    77. 

  77.     - file_mode: 644
    78. 

  78.     - dir_mode: 755
    79. 

  79.     - user: root
    80. 

  80.     - group: root
    81. 

  81.     - clean: True
    82. 

  82.     - require:
    83. 

  83.       - file: /etc/bind/zones/
    84. 

  84.     - watch_in:
    85. 

  85.       - cmd: rndc-reload
    86. 

  86. 

  87. # Generate node/interface/PTR entries from NetBox
    88. 

  88. {% set nodes_config = salt['pillar.get'] ('nodes', {}) %}
    89. 

  89. {% set sites_config = salt['pillar.get'] ('sites', {}) %}
    90. 

  90. {% set zones = salt['ffho_dns.generate_DNS_entries'] (nodes_config, sites_config) %}
    91. 

  91. 

  92. {% for zone, entries in zones.items () %}
    93. 

  93. /etc/bind/zones/generated/gen{{ zone }}.zone:
    94. 

  94.   file.managed:
    95. 

  95.     - source: salt://dns-server/zone.gen.tmpl
    96. 

  96.     - template: jinja
    97. 

  97.     - context:
    98. 

  98.       zone: {{ zone }}
    99. 

  99.       entries: {{ entries }}
    100. 

  100.     - require_in:
    101. 

  101.       - file: Clean /etc/bind/zones/generated
    102. 

  102.     - watch_in:
    103. 

  103.       - cmd: rndc-reload
    104. 

  104. {% endfor %}
    105. 

  105. 

  106. Clean /etc/bind/zones/generated:
    107. 

  107.   file.directory:
    108. 

  108.     - name: /etc/bind/zones/generated
    109. 

  109.     - clean: True
    110.