Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add possibility to set forwarders #23

Merged
merged 1 commit into from
Aug 9, 2013
Merged

Add possibility to set forwarders #23

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,11 @@ Tweak and add the following to your site manifest:
node 'server.example.com' {
include dns::server

# Forwarders
dns::server::options{ '/etc/bind/named.conf.options':
forwarders => [ '8.8.8.8', '8.8.4.4' ]
}

# Forward Zone
dns::zone { 'example.com':
soa => "ns1.example.com",
Expand Down
34 changes: 34 additions & 0 deletions manifests/server/options.pp
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
# Define: dns::server::options
#
# BIND server template-based configuration definition.
#
# Parameters:
# $forwarders:
# Array of forwarders IP addresses. Default: empty
# $group:
# Group of the file. Default: bind
# $owner:
# Owner of the file. Default: bind
#
# Sample Usage :
# dns::server::options { '/etc/bind/named.conf.options':
# 'forwarders' => [ '8.8.8.8', '8.8.4.4' ],
# }
#
define dns::server::options (
$forwarders = [],
$group = 'bind',
$owner = 'bind',
) {

file { $title:
ensure => present,
owner => $owner,
group => $group,
mode => '0644',
require => [File['/etc/bind'], Class['dns::server::install']],
content => template("${module_name}/named.conf.options.erb"),
notify => Class['dns::server::service'],
}

}
32 changes: 32 additions & 0 deletions templates/named.conf.options.erb
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
options {
directory "/var/cache/bind";

// If there is a firewall between you and nameservers you want
// to talk to, you may need to fix the firewall to allow multiple
// ports to talk. See http://www.kb.cert.org/vuls/id/800113

// If your ISP provided one or more IP addresses for stable.
// nameservers, you probably want to use them as forwarders...
// Uncomment the following block, and insert the addresses replacing.
// the all-0's placeholder.

<% if forwarders.size == 0 then -%>
// forwarders {
// 0.0.0.0;
// };
<% else -%>
forwarders {
<% forwarders.each do |forwarder| -%>
<%= forwarder -%>;
<% end -%>};
<% end -%>

//========================================================================
// If BIND logs error messages about the root key being expired,
// you will need to update your keys. See https://www.isc.org/bind-keys
//========================================================================
dnssec-validation auto;

auth-nxdomain no; # conform to RFC1035
listen-on-v6 { any; };
};