Compare commits
5 Commits
lintfix
...
libertacas
Author | SHA1 | Date | |
---|---|---|---|
5e4711d87c | |||
5023b5e0a3 | |||
9bbffa5f1f | |||
307ed12b2b | |||
de523dd8df |
68
kitchen.yml
68
kitchen.yml
@ -283,10 +283,10 @@ platforms:
|
||||
- name: ubuntu-1604-3000-8-py2
|
||||
driver:
|
||||
image: saltimages/salt-3000.8-py2:ubuntu-16.04
|
||||
# - name: arch-base-latest-3000-8-py2
|
||||
# driver:
|
||||
# image: saltimages/salt-3000.8-py2:arch-base-latest
|
||||
# run_command: /usr/lib/systemd/systemd
|
||||
# - name: arch-base-latest-3000-8-py2
|
||||
# driver:
|
||||
# image: saltimages/salt-3000.8-py2:arch-base-latest
|
||||
# run_command: /usr/lib/systemd/systemd
|
||||
|
||||
provisioner:
|
||||
name: salt_solo
|
||||
@ -336,33 +336,33 @@ suites:
|
||||
verifier:
|
||||
inspec_tests:
|
||||
- path: test/integration/default
|
||||
# - name: gentoo
|
||||
# includes:
|
||||
# - gentoo-stage3-latest-master-py3
|
||||
# - gentoo-stage3-systemd-master-py3
|
||||
# - gentoo-stage3-latest-3002-5-py3
|
||||
# - gentoo-stage3-systemd-3002-5-py3
|
||||
# - gentoo-stage3-latest-3001-6-py3
|
||||
# - gentoo-stage3-systemd-3001-6-py3
|
||||
# - gentoo-stage3-latest-3000-8-py3
|
||||
# - gentoo-stage3-systemd-3000-8-py3
|
||||
# provisioner:
|
||||
# state_top:
|
||||
# base:
|
||||
# '*':
|
||||
# - nsd._mapdata
|
||||
# - nsd
|
||||
# pillars:
|
||||
# top.sls:
|
||||
# base:
|
||||
# '*':
|
||||
# - nsd
|
||||
# - gentoo
|
||||
# - define_roles
|
||||
# pillars_from_files:
|
||||
# nsd.sls: pillar.example
|
||||
# gentoo.sls: test/salt/pillar/gentoo.sls
|
||||
# define_roles.sls: test/salt/pillar/define_roles.sls
|
||||
# verifier:
|
||||
# inspec_tests:
|
||||
# - path: test/integration/default
|
||||
# - name: gentoo
|
||||
# includes:
|
||||
# - gentoo-stage3-latest-master-py3
|
||||
# - gentoo-stage3-systemd-master-py3
|
||||
# - gentoo-stage3-latest-3002-5-py3
|
||||
# - gentoo-stage3-systemd-3002-5-py3
|
||||
# - gentoo-stage3-latest-3001-6-py3
|
||||
# - gentoo-stage3-systemd-3001-6-py3
|
||||
# - gentoo-stage3-latest-3000-8-py3
|
||||
# - gentoo-stage3-systemd-3000-8-py3
|
||||
# provisioner:
|
||||
# state_top:
|
||||
# base:
|
||||
# '*':
|
||||
# - nsd._mapdata
|
||||
# - nsd
|
||||
# pillars:
|
||||
# top.sls:
|
||||
# base:
|
||||
# '*':
|
||||
# - nsd
|
||||
# - gentoo
|
||||
# - define_roles
|
||||
# pillars_from_files:
|
||||
# nsd.sls: pillar.example
|
||||
# gentoo.sls: test/salt/pillar/gentoo.sls
|
||||
# define_roles.sls: test/salt/pillar/define_roles.sls
|
||||
# verifier:
|
||||
# inspec_tests:
|
||||
# - path: test/integration/default
|
||||
|
@ -4,6 +4,7 @@
|
||||
{#- Get the `tplroot` from `tpldir` #}
|
||||
{%- set tplroot = tpldir.split('/')[0] %}
|
||||
{%- set sls_package_install = tplroot ~ '.package.install' %}
|
||||
{%- from tplroot ~ "/macros.jinja" import config_file with context %}
|
||||
{%- from tplroot ~ "/map.jinja" import mapdata as nsd with context %}
|
||||
{%- from tplroot ~ "/libtofs.jinja" import files_switch with context %}
|
||||
|
||||
@ -28,3 +29,12 @@ nsd-config-file-file-managed:
|
||||
- context:
|
||||
nsd: {{ nsd | json }}
|
||||
- check_cmd: nsd-checkconf
|
||||
|
||||
{%- set config_data = nsd.get('config_data', {}) %}
|
||||
|
||||
{%- if config_data | length > 0 %}
|
||||
|
||||
{{ config_file('10-salt', 'pillar-configuration') }}
|
||||
|
||||
{%- endif %}
|
||||
|
||||
|
@ -6,3 +6,4 @@ include:
|
||||
- .config_files
|
||||
- .file
|
||||
- .zones
|
||||
- .keys
|
||||
|
14
nsd/config/keys.sls
Normal file
14
nsd/config/keys.sls
Normal file
@ -0,0 +1,14 @@
|
||||
# -*- coding: utf-8 -*-
|
||||
# vim: ft=sls
|
||||
|
||||
{%- set tplroot = tpldir.split('/')[0] %}
|
||||
{%- from tplroot ~ "/map.jinja" import mapdata as nsd with context %}
|
||||
{%- from tplroot ~ "/macros.jinja" import config_file with context %}
|
||||
|
||||
{%- set keys = nsd.get('keys', {}) %}
|
||||
|
||||
{%- if keys | length > 0 %}
|
||||
|
||||
{{ config_file('80-generated-keys', 'generated-keys') }}
|
||||
|
||||
{%- endif %}
|
@ -10,11 +10,14 @@
|
||||
{%- from tplroot ~ "/macros.jinja" import zonefile_name with context %}
|
||||
|
||||
{%- set zones = nsd.get('zones', {}) %}
|
||||
{%- set opmode = nsd.get('opmode', 'master') %}
|
||||
|
||||
{%- if zones | length > 0 %}
|
||||
|
||||
{{ config_file('90-generated-zones', 'generated-zones') }}
|
||||
|
||||
{%- if opmode == 'master' %}
|
||||
|
||||
nsd-config-zones-file-directory:
|
||||
file.directory:
|
||||
- name: {{ nsd.zones_dir }}
|
||||
@ -28,10 +31,14 @@ nsd-config-zones-file-directory:
|
||||
"{{ identifier }}":
|
||||
file.managed:
|
||||
- name: "{{ nsd.zones_dir }}/{{ zonefile_name(name, config) }}"
|
||||
{%- if 'zone_source' in config %}
|
||||
- source: {{ config['zone_source'] }}
|
||||
{%- else %}
|
||||
- source: {{ files_switch([template, template+'.jinja'],
|
||||
lookup=identifier
|
||||
)
|
||||
}}
|
||||
{%- endif %}
|
||||
- mode: 644
|
||||
- user: root
|
||||
- group: {{ nsd.rootgroup }}
|
||||
@ -49,3 +56,4 @@ nsd-config-zones-file-directory:
|
||||
|
||||
{%- endfor %}
|
||||
{%- endif %}
|
||||
{%- endif %}
|
||||
|
11
nsd/files/default/generated-keys.conf.jinja
Normal file
11
nsd/files/default/generated-keys.conf.jinja
Normal file
@ -0,0 +1,11 @@
|
||||
########################################################################
|
||||
# File managed by Salt at <{{ source }}>.
|
||||
# Your changes will be overwritten.
|
||||
########################################################################
|
||||
|
||||
{%- for name, config in nsd.get('keys').items() %}
|
||||
key:
|
||||
name: "{{ name }}"
|
||||
algorithm: "{{ config['algorithm'] }}"
|
||||
secret: "{{ config['secret'] }}"
|
||||
{%- endfor %}
|
@ -1,4 +1,5 @@
|
||||
{%- from "nsd/macros.jinja" import zonefile_name with context -%}
|
||||
{%- set extraopts = ['allow-notify', 'request-xfr', 'outgoing-interface'] -%}
|
||||
########################################################################
|
||||
# File managed by Salt at <{{ source }}>.
|
||||
# Your changes will be overwritten.
|
||||
@ -8,4 +9,9 @@
|
||||
zone:
|
||||
name: "{{ name }}"
|
||||
zonefile: "{{ nsd.zones_dir }}/{{ zonefile_name(name, config) }}"
|
||||
{%- for option in extraopts %}
|
||||
{%- if option in config %}
|
||||
{{ option }}: {{ config[option] }}
|
||||
{%- endif %}
|
||||
{%- endfor %}
|
||||
{%- endfor %}
|
||||
|
12
nsd/files/default/pillar-configuration.conf.jinja
Normal file
12
nsd/files/default/pillar-configuration.conf.jinja
Normal file
@ -0,0 +1,12 @@
|
||||
{%- for category, config in nsd.get('config_data').items() %}
|
||||
{{ category }}:
|
||||
{%- for option, value in config.items() %}
|
||||
{%- if value is string or value is number %}
|
||||
{{ option }}: {{ value }}
|
||||
{%- elif value is iterable %}
|
||||
{%- for item in value %}
|
||||
{{ option }}: {{ item }}
|
||||
{%- endfor %}
|
||||
{%- endif %}
|
||||
{%- endfor %}
|
||||
{%- endfor %}
|
@ -25,7 +25,6 @@
|
||||
- file: nsd-config-file-file-managed
|
||||
- context:
|
||||
nsd: {{ nsd | json }}
|
||||
- check_cmd: nsd-checkconf
|
||||
- watch_in:
|
||||
- service: nsd-service-running-service-running
|
||||
{%- endmacro %}
|
||||
|
@ -17,18 +17,51 @@ nsd:
|
||||
# config_include_glob: *.conf
|
||||
|
||||
# Configuration is separated into several files which have their own templates
|
||||
config_files:
|
||||
10-server: local-nsd-for-unbound
|
||||
# 90-generated-zones is reserved for zones generated by this formula
|
||||
# config_files:
|
||||
# 10-server: local-nsd-for-unbound
|
||||
# # 90-generated-zones is reserved for zones generated by this formula
|
||||
# # 10-salt is reserved for general configuration generated by this formula
|
||||
|
||||
# If this section is present in your Pillar data,
|
||||
# nsd.conf.d/80-generated-keys will be created and managed
|
||||
keys:
|
||||
examplekey:
|
||||
algorithm: hmac-sha512
|
||||
secret: encryptme
|
||||
|
||||
# If this section is present in your Pillar data,
|
||||
# nsd.conf.d/90-generated-zones will be created and managed.
|
||||
zones:
|
||||
example.test:
|
||||
multi-master-check: 'no'
|
||||
# Just for testing purpuses
|
||||
multi-master-check: no
|
||||
"168.192.in-addr.arpa": {}
|
||||
# NSD's include-pattern directive may be a better way to share configuration
|
||||
# across zones than using YAML anchors.
|
||||
#
|
||||
# You can load the zone file from a custom source and specify additional configuration options:
|
||||
# example.com:
|
||||
# zone_source: salt://zones/example.com.zone
|
||||
# request-xfr: 192.168.0.1
|
||||
|
||||
# If this section is present in your Pillar data,
|
||||
# nsd.conf.d/10-salt.conf will be created and managed
|
||||
config_data:
|
||||
server:
|
||||
hide-version: 'yes'
|
||||
ip-address: 127.0.0.1
|
||||
# to use an option multiple times, make it a list:
|
||||
# ip-address:
|
||||
# - 127.0.0.1
|
||||
# - 192.168.0.1
|
||||
verbosity: 2
|
||||
port: 53530
|
||||
remote-control:
|
||||
control-enable: 'yes'
|
||||
control-interface: /run/nsd.sock
|
||||
|
||||
# If this option is defined and set to 'slave', no DNS zone files will be installed
|
||||
# opmode: slave
|
||||
|
||||
tofs:
|
||||
# The files_switch key serves as a selector for alternative
|
||||
|
@ -22,38 +22,38 @@ control 'nsd.service.running' do
|
||||
end
|
||||
|
||||
describe command('nslookup -port=53530 ns1.example.test 127.0.0.1') do
|
||||
its('stdout') { should match '192.168.0.1' }
|
||||
its('stdout') { should match "192.168.0.1" }
|
||||
end
|
||||
|
||||
describe command('nslookup -port=53530 ns2.example.test 127.0.0.1') do
|
||||
its('stdout') { should match '192.168.0.2' }
|
||||
its('stdout') { should match "192.168.0.2" }
|
||||
end
|
||||
|
||||
describe command('nslookup -port=53530 example.test 127.0.0.1') do
|
||||
its('stdout') { should match '192.168.0.10' }
|
||||
its('stdout') { should match "192.168.0.10" }
|
||||
end
|
||||
|
||||
describe command('nslookup -port=53530 www.example.test 127.0.0.1') do
|
||||
its('stdout') { should match '192.168.0.10' }
|
||||
its('stdout') { should match "192.168.0.10" }
|
||||
end
|
||||
|
||||
describe command('nslookup -port=53530 mail.example.test 127.0.0.1') do
|
||||
its('stdout') { should match '192.168.0.11' }
|
||||
its('stdout') { should match "192.168.0.11" }
|
||||
end
|
||||
|
||||
describe command('nslookup -port=53530 192.168.0.1 127.0.0.1') do
|
||||
its('stdout') { should match 'ns1.example.test' }
|
||||
its('stdout') { should match "ns1.example.test" }
|
||||
end
|
||||
|
||||
describe command('nslookup -port=53530 192.168.0.2 127.0.0.1') do
|
||||
its('stdout') { should match 'ns2.example.test' }
|
||||
its('stdout') { should match "ns2.example.test" }
|
||||
end
|
||||
|
||||
describe command('nslookup -port=53530 192.168.0.10 127.0.0.1') do
|
||||
its('stdout') { should match 'example.test' }
|
||||
its('stdout') { should match "example.test" }
|
||||
end
|
||||
|
||||
describe command('nslookup -port=53530 192.168.0.11 127.0.0.1') do
|
||||
its('stdout') { should match 'mail.example.test' }
|
||||
its('stdout') { should match "mail.example.test" }
|
||||
end
|
||||
end
|
||||
|
@ -47,3 +47,4 @@ values:
|
||||
example.test:
|
||||
multi-master-check: false
|
||||
zones_dir: "/etc/nsd/zones"
|
||||
|
||||
|
@ -47,3 +47,4 @@ values:
|
||||
example.test:
|
||||
multi-master-check: false
|
||||
zones_dir: "/etc/nsd/zones"
|
||||
|
||||
|
@ -47,3 +47,4 @@ values:
|
||||
example.test:
|
||||
multi-master-check: false
|
||||
zones_dir: "/etc/nsd/zones"
|
||||
|
||||
|
@ -47,3 +47,4 @@ values:
|
||||
example.test:
|
||||
multi-master-check: false
|
||||
zones_dir: "/etc/nsd/zones"
|
||||
|
||||
|
@ -47,3 +47,4 @@ values:
|
||||
example.test:
|
||||
multi-master-check: false
|
||||
zones_dir: "/etc/nsd/zones"
|
||||
|
||||
|
@ -47,3 +47,4 @@ values:
|
||||
example.test:
|
||||
multi-master-check: false
|
||||
zones_dir: "/etc/nsd/zones"
|
||||
|
||||
|
@ -7,8 +7,15 @@ values:
|
||||
added_in_pillar: pillar_value
|
||||
arch: amd64
|
||||
config: /etc/nsd/nsd.conf
|
||||
config_files:
|
||||
10-server: local-nsd-for-unbound
|
||||
config_data:
|
||||
remote-control:
|
||||
control-enable: 'yes'
|
||||
control-interface: /run/nsd.sock
|
||||
server:
|
||||
hide-version: 'yes'
|
||||
ip-address: 127.0.0.1
|
||||
port: 53530
|
||||
verbosity: 2
|
||||
config_include_dir: "/etc/nsd/nsd.conf.d"
|
||||
config_include_glob: "*.conf"
|
||||
lookup:
|
||||
@ -47,3 +54,4 @@ values:
|
||||
example.test:
|
||||
multi-master-check: false
|
||||
zones_dir: "/etc/nsd/zones"
|
||||
|
||||
|
@ -7,8 +7,15 @@ values:
|
||||
added_in_pillar: pillar_value
|
||||
arch: amd64
|
||||
config: /etc/nsd/nsd.conf
|
||||
config_files:
|
||||
10-server: local-nsd-for-unbound
|
||||
config_data:
|
||||
remote-control:
|
||||
control-enable: 'yes'
|
||||
control-interface: /run/nsd.sock
|
||||
server:
|
||||
hide-version: 'yes'
|
||||
ip-address: 127.0.0.1
|
||||
port: 53530
|
||||
verbosity: 2
|
||||
config_include_dir: "/etc/nsd/nsd.conf.d"
|
||||
config_include_glob: "*.conf"
|
||||
lookup:
|
||||
@ -47,3 +54,4 @@ values:
|
||||
example.test:
|
||||
multi-master-check: false
|
||||
zones_dir: "/etc/nsd/zones"
|
||||
|
||||
|
@ -47,3 +47,4 @@ values:
|
||||
example.test:
|
||||
multi-master-check: false
|
||||
zones_dir: "/etc/nsd/zones"
|
||||
|
||||
|
@ -47,3 +47,4 @@ values:
|
||||
example.test:
|
||||
multi-master-check: false
|
||||
zones_dir: "/etc/nsd/zones"
|
||||
|
||||
|
@ -47,3 +47,4 @@ values:
|
||||
example.test:
|
||||
multi-master-check: false
|
||||
zones_dir: "/etc/nsd/zones"
|
||||
|
||||
|
@ -47,3 +47,4 @@ values:
|
||||
example.test:
|
||||
multi-master-check: false
|
||||
zones_dir: "/etc/nsd/zones"
|
||||
|
||||
|
@ -47,3 +47,4 @@ values:
|
||||
example.test:
|
||||
multi-master-check: false
|
||||
zones_dir: "/etc/nsd/zones"
|
||||
|
||||
|
@ -7,8 +7,15 @@ values:
|
||||
added_in_pillar: pillar_value
|
||||
arch: amd64
|
||||
config: /etc/nsd/nsd.conf
|
||||
config_files:
|
||||
10-server: local-nsd-for-unbound
|
||||
config_data:
|
||||
remote-control:
|
||||
control-enable: 'yes'
|
||||
control-interface: /run/nsd.sock
|
||||
server:
|
||||
hide-version: 'yes'
|
||||
ip-address: 127.0.0.1
|
||||
port: 53530
|
||||
verbosity: 2
|
||||
config_include_dir: "/etc/nsd/nsd.conf.d"
|
||||
config_include_glob: "*.conf"
|
||||
lookup:
|
||||
@ -47,3 +54,4 @@ values:
|
||||
example.test:
|
||||
multi-master-check: false
|
||||
zones_dir: "/etc/nsd/zones"
|
||||
|
||||
|
@ -7,8 +7,15 @@ values:
|
||||
added_in_pillar: pillar_value
|
||||
arch: amd64
|
||||
config: /etc/nsd/nsd.conf
|
||||
config_files:
|
||||
10-server: local-nsd-for-unbound
|
||||
config_data:
|
||||
remote-control:
|
||||
control-enable: 'yes'
|
||||
control-interface: /run/nsd.sock
|
||||
server:
|
||||
hide-version: 'yes'
|
||||
ip-address: 127.0.0.1
|
||||
port: 53530
|
||||
verbosity: 2
|
||||
config_include_dir: "/etc/nsd/nsd.conf.d"
|
||||
config_include_glob: "*.conf"
|
||||
lookup:
|
||||
@ -47,3 +54,4 @@ values:
|
||||
example.test:
|
||||
multi-master-check: false
|
||||
zones_dir: "/etc/nsd/zones"
|
||||
|
||||
|
@ -47,3 +47,4 @@ values:
|
||||
example.test:
|
||||
multi-master-check: false
|
||||
zones_dir: "/etc/nsd/zones"
|
||||
|
||||
|
@ -47,3 +47,4 @@ values:
|
||||
example.test:
|
||||
multi-master-check: false
|
||||
zones_dir: "/etc/nsd/zones"
|
||||
|
||||
|
@ -47,3 +47,4 @@ values:
|
||||
example.test:
|
||||
multi-master-check: false
|
||||
zones_dir: "/etc/nsd/zones"
|
||||
|
||||
|
@ -47,3 +47,4 @@ values:
|
||||
example.test:
|
||||
multi-master-check: false
|
||||
zones_dir: "/etc/nsd/zones"
|
||||
|
||||
|
@ -47,3 +47,4 @@ values:
|
||||
example.test:
|
||||
multi-master-check: false
|
||||
zones_dir: "/etc/nsd/zones"
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user