saltstack-formulas/nsd-formula
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat(zones): define and compile zone files

Browse Source
This commit is contained in:
Alexander Weidinger 2021-04-03 13:34:28 +02:00
parent eb51237183
commit 44f612e17b
39 changed files with 369 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
kitchen.yml
View File

@ -321,6 +321,7 @@ suites:
state_top:
base:
'*':
- nsd._test_dependencies
- nsd._mapdata
- nsd
pillars:

11
nsd/_test_dependencies.sls Normal file
View File

@ -0,0 +1,11 @@
{%- if grains['os_family'] == 'RedHat' or grains['os_family'] == 'Suse' %}
{%- set package = 'bind-utils' %}
{%- elif grains['os_family'] == 'Arch' %}
{%- set package = 'bind-tools' %}
{%- else %}
{% set package = 'dnsutils' %}
{%- endif %}
nsd-_test_dependencies--package--installed:
pkg.installed:
- name: {{ package }}

27
nsd/config/config_files.sls
View File

@ -6,29 +6,8 @@
{%- set sls_package_install = tplroot ~ '.package.install' %}
{%- from tplroot ~ "/map.jinja" import mapdata as nsd with context %}
{%- from tplroot ~ "/libtofs.jinja" import files_switch with context %}
{%- from tplroot ~ "/macros.jinja" import config_file with context %}
{%- for name, template in nsd.get('config_files', {}).items() %}
{%- set identifier = 'nsd-config-config_files-file-managed-'+name %}
"{{ identifier }}":
file.managed:
- name: "{{ nsd.config_include_dir }}/{{ name }}.conf"
- source: {{ files_switch([template+'.conf', template+'.conf.jinja'],
lookup=identifier
)
}}
- mode: 644
- user: root
- group: {{ nsd.rootgroup }}
- makedirs: True
- template: jinja
- require:
- file: nsd-config-include-file-directory
- require_in:
- file: nsd-config-file-file-managed
- context:
nsd: {{ nsd | json }}
- check_cmd: nsd-checkconf
{%- endfor %}
{{ config_file(name, template) }}
{% endfor %}

1
nsd/config/init.sls
View File

@ -5,3 +5,4 @@ include:
- .include
- .config_files
- .file
- .zones

51
nsd/config/zones.sls Normal file
View File

@ -0,0 +1,51 @@
# -*- coding: utf-8 -*-
# vim: ft=sls
{#- Get the `tplroot` from `tpldir` #}
{%- set tplroot = tpldir.split('/')[0] %}
{%- set sls_package_install = tplroot ~ '.package.install' %}
{%- from tplroot ~ "/map.jinja" import mapdata as nsd with context %}
{%- from tplroot ~ "/libtofs.jinja" import files_switch with context %}
{%- from tplroot ~ "/macros.jinja" import config_file with context %}
{%- from tplroot ~ "/macros.jinja" import zonefile_name with context %}
{%- set zones = nsd.get('zones', {}) %}
{%- if zones | length > 0 %}
{{ config_file('90-generated-zones', 'generated-zones') }}
nsd-config-zones-file-directory:
file.directory:
- name: {{ nsd.zones_dir }}
- makedirs: True
{%- for name, config in zones.items() %}
{%- set identifier = 'nsd-config-zones-file-managed-'+name %}
{%- set template = 'zones/'+name+'.zone' %}
"{{ identifier }}":
file.managed:
- name: "{{ nsd.zones_dir }}/{{ zonefile_name(name, config) }}"
- source: {{ files_switch([template, template+'.jinja'],
lookup=identifier
)
}}
- mode: 644
- user: root
- group: {{ nsd.rootgroup }}
- makedirs: True
- template: jinja
- context:
nsd: {{ nsd | json }}
- check_cmd: nsd-checkzone "{{ name }}"
- require:
- file: nsd-config-zones-file-directory
- require_in:
- service: nsd-service-running-service-running
- onchanges_in:
- cmd: nsd-service-control-reload-zones
{%- endfor %}
{%- endif %}

11
nsd/files/default/generated-zones.conf.jinja Normal file
View File

@ -0,0 +1,11 @@
{%- from "nsd/macros.jinja" import zonefile_name with context -%}
########################################################################
# File managed by Salt at <{{ source }}>.
# Your changes will be overwritten.
########################################################################
{%- for name, config in nsd.get('zones').items() %}
zone:
name: "{{ name }}"
zonefile: "{{ nsd.zones_dir }}/{{ zonefile_name(name, config) }}"
{%- endfor %}

1
nsd/files/default/local-nsd-for-unbound.conf.jinja
View File

@ -15,4 +15,5 @@ server:
port: 53530
remote-control:
control-enable: yes
control-interface: 127.0.0.1

20
nsd/files/default/zones/168.192.in-addr.arpa.zone Normal file
View File

@ -0,0 +1,20 @@
$ORIGIN 168.192.in-addr.arpa.
$TTL 1800
@ IN SOA ns1.example.test. admin.example.test. (
2021040101 ; serial number
3600 ; refresh
900 ; retry
1209600 ; expire
1800 ; ttl
)
; Name servers
IN NS ns1.example.test.
IN NS ns2.example.test.
; PTR records for name servers
1.0 IN PTR ns1.example.test.
2.0 IN PTR ns2.example.test.
; Additional PTR records
10.0 IN PTR example.test.
11.0 IN PTR mail.example.test.

21
nsd/files/default/zones/example.test.zone Normal file
View File

@ -0,0 +1,21 @@
$ORIGIN example.test.
$TTL 1800
@ IN SOA ns1.example.test. admin.example.test. (
2021040101 ; serial number
3600 ; refresh
900 ; retry
1209600 ; expire
1800 ; ttl
)
; Name servers
IN NS ns1.example.test.
IN NS ns2.example.test.
; A records for name servers
ns1 IN A 192.168.0.1
ns2 IN A 192.168.0.2
; Additional A records
@ IN A 192.168.0.10
www IN CNAME example.test.
mail IN A 192.168.0.11

35
nsd/macros.jinja Normal file
View File

@ -0,0 +1,35 @@
# -*- coding: utf-8 -*-
# vim: ft=sls
{%- set tplroot = 'nsd' %}
{%- from tplroot ~ "/map.jinja" import mapdata as nsd with context %}
{%- from tplroot ~ "/libtofs.jinja" import files_switch with context %}
{%- macro config_file(name, template) %}
{%- set identifier = 'nsd-config-config_file-file-managed-'+name %}
"{{ identifier }}":
file.managed:
- name: "{{ nsd.config_include_dir }}/{{ name }}.conf"
- source: {{ files_switch([template+'.conf', template+'.conf.jinja'],
lookup=identifier
)
}}
- mode: 644
- user: root
- group: {{ nsd.rootgroup }}
- makedirs: True
- template: jinja
- require:
- file: nsd-config-include-file-directory
- require_in:
- file: nsd-config-file-file-managed
- context:
nsd: {{ nsd | json }}
- check_cmd: nsd-checkconf
- watch_in:
- service: nsd-service-running-service-running
{%- endmacro %}
{%- macro zonefile_name(zone_name, zone_config) -%}
{{ zone_config.get('zonefile', zone_name+'.zone') }}
{%- endmacro %}

3
nsd/map.jinja
View File

@ -1,8 +1,7 @@
# -*- coding: utf-8 -*-
# vim: ft=jinja
{#- Get the `tplroot` from `tpldir` #}
{%- set tplroot = tpldir.split("/")[0] %}
{%- set tplroot = 'nsd' %}
{%- from tplroot ~ "/libmapstack.jinja" import mapstack %}
{#- Where to lookup parameters source files #}

1
nsd/parameters/defaults.yaml
View File

@ -10,6 +10,7 @@ values:
config: '/etc/nsd/nsd.conf'
config_include_dir: '/etc/nsd/nsd.conf.d'
config_include_glob: '*.conf'
zones_dir: '/etc/nsd/zones'
service:
name: nsd
# Just here for testing

1
nsd/parameters/os_family/FreeBSD.yaml
View File

@ -15,4 +15,5 @@ values:
rootgroup: wheel
config: '/usr/local/etc/nsd/nsd.conf'
config_include_dir: '/usr/local/etc/nsd/nsd.conf.d'
zones_dir: '/usr/local/etc/nsd/zones'
...

23
nsd/service/control-reload.sls Normal file
View File

@ -0,0 +1,23 @@
# -*- coding: utf-8 -*-
# vim: ft=sls
{#- Get the `tplroot` from `tpldir` #}
{%- set tplroot = tpldir.split('/')[0] %}
{%- set sls_config_file = tplroot ~ '.config.file' %}
{%- set sls_service_running = tplroot ~ '.service.running' %}
{%- from tplroot ~ "/map.jinja" import mapdata as nsd with context %}
{%- set config_dir = salt.file.dirname(nsd.config) %}
include:
- {{ sls_config_file }}
- {{ sls_service_running }}
nsd-service-control-reload-zones:
cmd.run:
- name: nsd-control reload
- onchanges:
- service: nsd-service-running-service-running
- require:
- service: nsd-service-running-service-running
- cmd: nsd-service-control-setup-control

17
nsd/service/control-setup.sls Normal file
View File

@ -0,0 +1,17 @@
# -*- coding: utf-8 -*-
# vim: ft=sls
{#- Get the `tplroot` from `tpldir` #}
{%- set tplroot = tpldir.split('/')[0] %}
{%- set sls_config_file = tplroot ~ '.config.file' %}
{%- from tplroot ~ "/map.jinja" import mapdata as nsd with context %}
{%- set config_dir = salt.file.dirname(nsd.config) %}
include:
- {{ sls_config_file }}
nsd-service-control-setup-control:
cmd.run:
- name: nsd-control-setup
- creates: {{ config_dir }}/nsd_server.pem

2
nsd/service/init.sls
View File

@ -2,4 +2,6 @@
# vim: ft=sls
include:
- .control-setup
- .running
- .control-reload

4
nsd/service/running.sls
View File

@ -13,5 +13,5 @@ nsd-service-running-service-running:
service.running:
- name: {{ nsd.service.name }}
- enable: True
- watch:
- sls: {{ sls_config_file }}
- require:
- cmd: nsd-service-control-setup-control

11
pillar.example
View File

@ -19,6 +19,17 @@ nsd:
# Configuration is separated into several files which have their own templates
config_files:
10-server: local-nsd-for-unbound
# 90-generated-zones is reserved for zones generated by this formula
# If this section is present in your Pillar data,
# nsd.conf.d/90-generated-zones will be created and managed.
zones:
example.test:
# Just for testing purpuses
multi-master-check: no
"168.192.in-addr.arpa": {}
# NSD's include-pattern directive may be a better way to share configuration
# across zones than using YAML anchors.
tofs:
# The files_switch key serves as a selector for alternative

36
test/integration/default/controls/services.rb
View File

@ -20,4 +20,40 @@ control 'nsd.service.running' do
it { should be_enabled }
it { should be_running }
end
describe command('nslookup -port=53530 ns1.example.test 127.0.0.1') do
its('stdout') { should match "192.168.0.1" }
end
describe command('nslookup -port=53530 ns2.example.test 127.0.0.1') do
its('stdout') { should match "192.168.0.2" }
end
describe command('nslookup -port=53530 example.test 127.0.0.1') do
its('stdout') { should match "192.168.0.10" }
end
describe command('nslookup -port=53530 www.example.test 127.0.0.1') do
its('stdout') { should match "192.168.0.10" }
end
describe command('nslookup -port=53530 mail.example.test 127.0.0.1') do
its('stdout') { should match "192.168.0.11" }
end
describe command('nslookup -port=53530 192.168.0.1 127.0.0.1') do
its('stdout') { should match "ns1.example.test" }
end
describe command('nslookup -port=53530 192.168.0.2 127.0.0.1') do
its('stdout') { should match "ns2.example.test" }
end
describe command('nslookup -port=53530 192.168.0.10 127.0.0.1') do
its('stdout') { should match "example.test" }
end
describe command('nslookup -port=53530 192.168.0.11 127.0.0.1') do
its('stdout') { should match "mail.example.test" }
end
end

6
test/integration/default/files/_mapdata/amazonlinux-1.yaml
View File

@ -42,3 +42,9 @@ values:
nsd-config-file-file-managed:
- nsd.conf.jinja
winner: pillar
zones:
168.192.in-addr.arpa: {}
example.test:
multi-master-check: false
zones_dir: "/etc/nsd/zones"

6
test/integration/default/files/_mapdata/amazonlinux-2.yaml
View File

@ -42,3 +42,9 @@ values:
nsd-config-file-file-managed:
- nsd.conf.jinja
winner: pillar
zones:
168.192.in-addr.arpa: {}
example.test:
multi-master-check: false
zones_dir: "/etc/nsd/zones"

6
test/integration/default/files/_mapdata/arch-base-latest.yaml
View File

@ -42,3 +42,9 @@ values:
nsd-config-file-file-managed:
- nsd.conf.jinja
winner: pillar
zones:
168.192.in-addr.arpa: {}
example.test:
multi-master-check: false
zones_dir: "/etc/nsd/zones"

6
test/integration/default/files/_mapdata/centos-6.yaml
View File

@ -42,3 +42,9 @@ values:
nsd-config-file-file-managed:
- nsd.conf.jinja
winner: pillar
zones:
168.192.in-addr.arpa: {}
example.test:
multi-master-check: false
zones_dir: "/etc/nsd/zones"

6
test/integration/default/files/_mapdata/centos-7.yaml
View File

@ -42,3 +42,9 @@ values:
nsd-config-file-file-managed:
- nsd.conf.jinja
winner: pillar
zones:
168.192.in-addr.arpa: {}
example.test:
multi-master-check: false
zones_dir: "/etc/nsd/zones"

6
test/integration/default/files/_mapdata/centos-8.yaml
View File

@ -42,3 +42,9 @@ values:
nsd-config-file-file-managed:
- nsd.conf.jinja
winner: pillar
zones:
168.192.in-addr.arpa: {}
example.test:
multi-master-check: false
zones_dir: "/etc/nsd/zones"

6
test/integration/default/files/_mapdata/debian-10.yaml
View File

@ -42,3 +42,9 @@ values:
nsd-config-file-file-managed:
- nsd.conf.jinja
winner: pillar
zones:
168.192.in-addr.arpa: {}
example.test:
multi-master-check: false
zones_dir: "/etc/nsd/zones"

6
test/integration/default/files/_mapdata/debian-9.yaml
View File

@ -42,3 +42,9 @@ values:
nsd-config-file-file-managed:
- nsd.conf.jinja
winner: pillar
zones:
168.192.in-addr.arpa: {}
example.test:
multi-master-check: false
zones_dir: "/etc/nsd/zones"

6
test/integration/default/files/_mapdata/fedora-31.yaml
View File

@ -42,3 +42,9 @@ values:
nsd-config-file-file-managed:
- nsd.conf.jinja
winner: pillar
zones:
168.192.in-addr.arpa: {}
example.test:
multi-master-check: false
zones_dir: "/etc/nsd/zones"

6
test/integration/default/files/_mapdata/fedora-32.yaml
View File

@ -42,3 +42,9 @@ values:
nsd-config-file-file-managed:
- nsd.conf.jinja
winner: pillar
zones:
168.192.in-addr.arpa: {}
example.test:
multi-master-check: false
zones_dir: "/etc/nsd/zones"

6
test/integration/default/files/_mapdata/fedora-33.yaml
View File

@ -42,3 +42,9 @@ values:
nsd-config-file-file-managed:
- nsd.conf.jinja
winner: pillar
zones:
168.192.in-addr.arpa: {}
example.test:
multi-master-check: false
zones_dir: "/etc/nsd/zones"

6
test/integration/default/files/_mapdata/gentoo-2-sysd.yaml
View File

@ -42,3 +42,9 @@ values:
nsd-config-file-file-managed:
- nsd.conf.jinja
winner: pillar
zones:
168.192.in-addr.arpa: {}
example.test:
multi-master-check: false
zones_dir: "/etc/nsd/zones"

6
test/integration/default/files/_mapdata/gentoo-2-sysv.yaml
View File

@ -42,3 +42,9 @@ values:
nsd-config-file-file-managed:
- nsd.conf.jinja
winner: pillar
zones:
168.192.in-addr.arpa: {}
example.test:
multi-master-check: false
zones_dir: "/etc/nsd/zones"

6
test/integration/default/files/_mapdata/opensuse-15.yaml
View File

@ -42,3 +42,9 @@ values:
nsd-config-file-file-managed:
- nsd.conf.jinja
winner: pillar
zones:
168.192.in-addr.arpa: {}
example.test:
multi-master-check: false
zones_dir: "/etc/nsd/zones"

6
test/integration/default/files/_mapdata/opensuse-tumbleweed.yaml
View File

@ -42,3 +42,9 @@ values:
nsd-config-file-file-managed:
- nsd.conf.jinja
winner: pillar
zones:
168.192.in-addr.arpa: {}
example.test:
multi-master-check: false
zones_dir: "/etc/nsd/zones"

6
test/integration/default/files/_mapdata/oraclelinux-7.yaml
View File

@ -42,3 +42,9 @@ values:
nsd-config-file-file-managed:
- nsd.conf.jinja
winner: pillar
zones:
168.192.in-addr.arpa: {}
example.test:
multi-master-check: false
zones_dir: "/etc/nsd/zones"

6
test/integration/default/files/_mapdata/oraclelinux-8.yaml
View File

@ -42,3 +42,9 @@ values:
nsd-config-file-file-managed:
- nsd.conf.jinja
winner: pillar
zones:
168.192.in-addr.arpa: {}
example.test:
multi-master-check: false
zones_dir: "/etc/nsd/zones"

6
test/integration/default/files/_mapdata/ubuntu-16.yaml
View File

@ -42,3 +42,9 @@ values:
nsd-config-file-file-managed:
- nsd.conf.jinja
winner: pillar
zones:
168.192.in-addr.arpa: {}
example.test:
multi-master-check: false
zones_dir: "/etc/nsd/zones"

6
test/integration/default/files/_mapdata/ubuntu-18.yaml
View File

@ -42,3 +42,9 @@ values:
nsd-config-file-file-managed:
- nsd.conf.jinja
winner: pillar
zones:
168.192.in-addr.arpa: {}
example.test:
multi-master-check: false
zones_dir: "/etc/nsd/zones"

6
test/integration/default/files/_mapdata/ubuntu-20.yaml
View File

@ -42,3 +42,9 @@ values:
nsd-config-file-file-managed:
- nsd.conf.jinja
winner: pillar
zones:
168.192.in-addr.arpa: {}
example.test:
multi-master-check: false
zones_dir: "/etc/nsd/zones"