diff --git a/README.md b/README.md
index cd8c6a8..5c56de1 100644
--- a/README.md
+++ b/README.md
@@ -1,16 +1,22 @@
# Bind DNS service
-bind:
- configured_zones:
- sub.domain.com:
- type: master
- notify: False
- 1.168.192.in-addr.arpa:
- type: master
- notify: False
+## Sample pillars
-available_zones:
- sub.domain.org:
- file: db.sub.domain.org
- masters: "192.168.0.1;"
\ No newline at end of file
+ bind:
+ configured_zones:
+ sub.domain.com:
+ type: master
+ notify: False
+ 1.168.192.in-addr.arpa:
+ type: master
+ notify: False
+
+ available_zones:
+ sub.domain.org:
+ file: db.sub.domain.org
+ masters: "192.168.0.1;"
+
+## Read more
+
+*
\ No newline at end of file
diff --git a/files/named.conf b/files/named.conf.Debian
similarity index 100%
rename from files/named.conf
rename to files/named.conf.Debian
diff --git a/init.sls b/init.sls
index 8c8a197..b9a143c 100644
--- a/init.sls
+++ b/init.sls
@@ -1,5 +1,5 @@
include:
-{% if pillar.bind.server is defined %}
+{%- if pillar.bind.server is defined %}
- bind.server
-{% endif %}
+{%- endif %}
diff --git a/map.jinja b/map.jinja
index 7411982..ff9678b 100644
--- a/map.jinja
+++ b/map.jinja
@@ -1,22 +1,25 @@
-{% set server = salt['grains.filter_by']({
- 'Debian': {
- 'pkgs': ['bind9', 'bind9utils'],
- 'service': 'bind9',
- 'config': '/etc/bind/named.conf',
- 'local_config': '/etc/bind/named.conf.local',
- 'options_config': '/etc/bind/named.conf.options',
- 'default_zones_config': '/etc/bind/named.conf.default-zones',
- 'named_directory': '/var/cache/bind/zones',
- 'user': 'root',
- 'group': 'bind'
- },
- 'RedHat': {
- 'pkgs': ['bind'],
- 'service': 'named',
- 'config': '/etc/named.conf',
- 'local_config': '/etc/named.conf.local',
- 'named_directory': '/var/named/data',
- 'user': 'root',
- 'group': 'named'
- },
+
+{%- set server = salt['grains.filter_by']({
+ 'Debian': {
+ 'pkgs': ['bind9', 'bind9utils'],
+ 'service': 'bind9',
+ 'config': '/etc/bind/named.conf',
+ 'local_config': '/etc/bind/named.conf.local',
+ 'options_config': '/etc/bind/named.conf.options',
+ 'default_zones_config': '/etc/bind/named.conf.default-zones',
+ 'named_dir': '/var/cache/bind/zones',
+ 'rndc_key': '/etc/rndc.key',
+ 'user': 'root',
+ 'group': 'bind'
+ },
+ 'RedHat': {
+ 'pkgs': ['bind'],
+ 'service': 'named',
+ 'config': '/etc/named.conf',
+ 'local_config': '/etc/named.conf.local',
+ 'named_dir': '/var/named/data',
+ 'rndc_key': '/etc/rndc.key',
+ 'user': 'root',
+ 'group': 'named'
+ },
}, merge=salt['pillar.get']('bind:server')) %}
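Review bot: The new Debian entry `'rndc_key': '/etc/rndc.key'` probably points at the wrong location, because Debian's bind9 package keeps its configuration and control key under /etc/bind. A key generated at /etc/rndc.key would likely not be the one named and rndc read by default. `'rndc_key': '/etc/bind/rndc.key',` looks like the intended value, to be confirmed against the packaged named.conf. Separately, the map still exposes `pkgs` and sets no `enabled` default, while server/service.sls in this commit reads `server.pkg` and `server.enabled`, so both resolve only if pillar supplies them.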
diff --git a/server/service.sls b/server/service.sls
index cd7d3d7..0914943 100644
--- a/server/service.sls
+++ b/server/service.sls
@@ -1,126 +1,138 @@
-{% from "bind/map.jinja" import server with context %}
+{%- from "bind/map.jinja" import server with context %}
+{%- if server.enabled %}
bind_packages:
pkg.installed:
- - pkgs: {{ server.pkgs|json }}
+ - pkgs: {{ server.pkg }}
named_directory:
file.directory:
- - name: {{ map.named_directory }}
- - user: {{ salt['pillar.get']('bind:config:user', map.user) }}
- - group: {{ salt['pillar.get']('bind:config:group', map.group) }}
- - mode: 775
- - makedirs: True
- - require:
- - pkg: bind
+ - name: {{ server.named_dir }}
+ - user: {{ server.user }}
+ - group: {{ server.group }}
+ - mode: 775
+ - makedirs: True
+ - require:
+ - pkg: bind
-{% if grains.os_family == 'RedHat' %}
+{%- if grains.os_family == 'RedHat' %}
+
bind_config:
file.managed:
- - name: {{ map.config }}
- - source: 'salt://bind/files/redhat/named.conf'
- - template: jinja
- - user: {{ salt['pillar.get']('bind:config:user', map.user) }}
- - group: {{ salt['pillar.get']('bind:config:group', map.group) }}
- - mode: {{ salt['pillar.get']('bind:config:mode', '640') }}
- - require:
- - pkg: bind
- - watch_in:
- - service: bind
+ - name: {{ server.config }}
+ - source: 'salt://bind/files/named.conf.RedHat'
+ - template: jinja
+ - user: {{ server.user }}
+ - group: {{ server.group }}
+ - mode: 640
+ - require:
+ - pkg: bind_packages
+ - watch_in:
+ - service: bind_service
bind_local_config:
file.managed:
- name: {{ map.local_config }}
- source: 'salt://bind/files/redhat/named.conf.local'
- template: jinja
- - user: {{ salt['pillar.get']('bind:config:user', map.user) }}
- - group: {{ salt['pillar.get']('bind:config:group', map.group) }}
- - mode: {{ salt['pillar.get']('bind:config:mode', '644') }}
+ - user: {{ server.user }}
+ - group: {{ server.group }}
+ - mode: 644
- require:
- - pkg: bind
+ - pkg: bind_packages
- watch_in:
- - service: named
-{% endif %}
+ - service: bind_service
-{% if grains['os_family'] == 'Debian' %}
+{%- endif %}
+
+{%- if grains['os_family'] == 'Debian' %}
+
bind_config:
- file:
- - managed
- - name: {{ map.config }}
- - source: 'salt://bind/files/debian/named.conf'
- - template: jinja
- - user: {{ salt['pillar.get']('bind:config:user', map.user) }}
- - group: {{ salt['pillar.get']('bind:config:group', map.group) }}
- - mode: {{ salt['pillar.get']('bind:config:mode', '644') }}
- - require:
- - pkg: bind
- - watch_in:
- - service: bind
+ file.managed:
+ - name: {{ map.config }}
+ - source: 'salt://bind/files/debian/named.conf.Debian'
+ - template: jinja
+ - user: {{ server.user }}
+ - group: {{ server.group }}
+ - mode: 644
+ - require:
+ - pkg: bind_packages
+ - watch_in:
+ - service: bind_service
bind_local_config:
- file:
- - managed
- - name: {{ map.local_config }}
- - source: 'salt://bind/files/debian/named.conf.local'
- - template: jinja
- - user: {{ salt['pillar.get']('bind:config:user', map.user) }}
- - group: {{ salt['pillar.get']('bind:config:group', map.group) }}
- - mode: {{ salt['pillar.get']('bind:config:mode', '644') }}
- - require:
- - pkg: bind
- - watch_in:
- - service: bind
+ file.managed:
+ - name: {{ map.local_config }}
+ - source: 'salt://bind/files/debian/named.conf.local'
+ - template: jinja
+ - user: {{ server.user }}
+ - group: {{ server.group }}
+ - mode: 644
+ - require:
+ - pkg: bind_packages
+ - watch_in:
+ - service: bind_service
bind_options_config:
- file:
- - managed
- - name: {{ map.options_config }}
- - source: 'salt://bind/files/debian/named.conf.options'
- - template: jinja
- - user: {{ salt['pillar.get']('bind:config:user', map.user) }}
- - group: {{ salt['pillar.get']('bind:config:group', map.group) }}
- - mode: {{ salt['pillar.get']('bind:config:mode', '644') }}
- - require:
- - pkg: bind
- - watch_in:
- - service: bind
+ file.managed:
+ - name: {{ map.options_config }}
+ - source: 'salt://bind/files/debian/named.conf.options'
+ - template: jinja
+ - user: {{ server.user }}
+ - group: {{ server.group }}
+ - mode: 644
+ - require:
+ - pkg: bind_packages
+ - watch_in:
+ - service: bind_service
bind_default_zones:
- file:
- - managed
- - name: {{ map.default_zones_config }}
- - source: 'salt://bind/files/debian/named.conf.default-zones'
- - template: jinja
- - user: {{ salt['pillar.get']('bind:config:user', map.user) }}
- - group: {{ salt['pillar.get']('bind:config:group', map.group) }}
- - mode: {{ salt['pillar.get']('bind:config:mode', '644') }}
- - require:
- - pkg: bind
- - watch_in:
- - service: bind
+ file.managed:
+ - name: {{ map.default_zones_config }}
+ - source: 'salt://bind/files/debian/named.conf.default-zones'
+ - template: jinja
+ - user: {{ server.user }}
+ - group: {{ server.group }}
+ - mode: 644
+ - require:
+ - pkg: bind_packages
+ - watch_in:
+ - service: bind_service
/var/log/bind9:
- file:
- - directory
- - user: root
- - group: bind
- - mode: 775
- - template: jinja
-
+ file.directory:
+ - user: {{ server.user }}
+ - group: {{ server.group }}
+ - mode: 775
+ - template: jinja
/etc/logrotate.d/bind9:
- file:
- - managed
- - source: salt://bind/files/debian/logrotate_bind
- - user: root
- - group: root
+ file.managed:
+ - source: salt://bind/files/logrotate
+ - user: root
+ - group: root
+
+setup_rndc:
+ cmd.run:
+ - name: /usr/sbin/rndc-confgen -r /dev/urandom -a -c {{ server.rndc_key }}
+ - require:
+ - pkg: bind_packages
+
+{{ server.rndc_key }}
+ file.managed:
+ - user: root
+ - mode: 0640
+ - require:
+ - cmd: setup_rndc
{%- endif %}
bind_service:
service.running:
- - name: {{ server.service }}
- - enable: true
- - reload: true
- - require:
- - pkg: bind_packages
+ - name: {{ server.service }}
+ - enable: true
+ - reload: true
+ - require:
+ - pkg: bind_packages
+
+{%- endif %}
\ No newline at end of file
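Review bot: The added state whose ID is `{{ server.rndc_key }}` has no trailing colon, so the rendered SLS is not valid YAML on Debian minions, and `setup_rndc` has no guard, so every state run would call rndc-confgen again and replace the control key under a running named. I would write `{{ server.rndc_key }}:`, add `- creates: {{ server.rndc_key }}` to the `cmd.run`, and quote the mode as `- mode: '0640'` so it is not parsed as an octal integer. That file state sets no group either, so whether the account named runs as can read the key should be checked. The same hunk still requires `pkg: bind` under `named_directory` and reads `map.config`, `map.local_config`, `map.options_config` and `map.default_zones_config`, although the import now binds only `server` and the package state is `bind_packages`. Both `mode: 775` directories stay group-writable, which deserves a comment or tightening if named does not need it.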