ajjahn · solarkennedy · Feb 3, 2015 · Apr 4, 2014 · Apr 4, 2014 · Apr 4, 2014
diff --git a/README.md b/README.md
@@ -4,7 +4,7 @@
 
 Module for provisioning DNS (bind9)
 
-Tested on Ubuntu 12.04, patches to support other operating systems are welcome.
+Tested on Ubuntu 12.04 and CentOS 6.5, patches to support other operating systems are welcome.
 
 This module depends on concat (https://github.com/puppetlabs/puppet-concat).
 

diff --git a/manifests/acl.pp b/manifests/acl.pp
@@ -19,13 +19,14 @@
   $aclname = $name,
   $data = [],
 ) {
+  include dns::server::params
 
   validate_string($aclname)
   validate_array($data)
 
   concat::fragment { "named.conf.local.acl.${name}.include":
     ensure  => $ensure,
-    target  => '/etc/bind/named.conf.local',
+    target  => "${dns::server::params::cfg_dir}/named.conf.local",
     order   => 2,
     content => template("${module_name}/acl.erb"),
   }

diff --git a/manifests/key.pp b/manifests/key.pp
@@ -1,4 +1,6 @@
 define dns::key {
+  include dns::server::params
+  $cfg_dir = $dns::server::params::cfg_dir # Used in a template
 
   file { "/tmp/${name}-secret.sh":
     ensure  => file,
@@ -9,43 +11,45 @@
 
   exec { "dnssec-keygen-${name}":
     command     => "/usr/sbin/dnssec-keygen -a HMAC-MD5 -r /dev/urandom -b 128 -n USER ${name}",
-    cwd         => '/etc/bind/bind.keys.d',
+    cwd         => "${cfg_dir}/bind.keys.d",
     require     => [
       Package['dnssec-tools','bind9'],
-      File['/etc/bind/bind.keys.d']
+      File["${cfg_dir}/bind.keys.d"],
     ],
     refreshonly => true,
     notify      => Exec["get-secret-from-${name}"],
   }
 
   exec { "get-secret-from-${name}":
     command     => "/tmp/${name}-secret.sh",
-    cwd         => '/etc/bind/bind.keys.d',
-    creates     => "/etc/bind/bind.keys.d/${name}.secret",
+    cwd         => "${cfg_dir}/bind.keys.d",
+    creates     => "${cfg_dir}/bind.keys.d/${name}.secret",
     require     => [
       Exec["dnssec-keygen-${name}"],
-      File['/etc/bind/bind.keys.d',"/tmp/${name}-secret.sh"]],
+      File["${cfg_dir}/bind.keys.d"]
+      File["/tmp/${name}-secret.sh"],
+    ],
     refreshonly => true,
   }
-
-  file { "/etc/bind/bind.keys.d/${name}.secret":
+ 
+  file { "${cfg_dir}/bind.keys.d/${name}.secret":
     require => Exec["get-secret-from-${name}"],
   }
 
-  concat { "/etc/bind/bind.keys.d/${name}.key":
-    owner   => 'bind',
-    group   => 'bind',
+  concat { "${cfg_dir}/bind.keys.d/${name}.key":
+    owner   => $dns::server::params::owner,
+    group   => $dns::server::params::group,
     mode    => '0644',
     require => Class['concat::setup'],
     notify  => Class['dns::server::service']
   }
 
   Concat::Fragment {
     ensure  => present,
-    target  => "/etc/bind/bind.keys.d/${name}.key",
+    target  => "${cfg_dir}/bind.keys.d/${name}.key",
     require => [
       Exec["get-secret-from-${name}"],
-      File["/etc/bind/bind.keys.d/${name}.secret"]
+      File["${cfg_dir}/bind.keys.d/${name}.secret"],
     ],
   }
 
@@ -56,7 +60,7 @@
 
   concat::fragment { "${name}.key-secret":
     order   => 2,
-    source  => "/etc/bind/bind.keys.d/${name}.secret",
+    source  => "${cfg_dir}/bind.keys.d/${name}.secret",
   }
 
   concat::fragment { "${name}.key-footer":

diff --git a/manifests/server/config.pp b/manifests/server/config.pp
@@ -1,7 +1,9 @@
 class dns::server::config (
-  $cfg_dir = $dns::server::params::cfg_dir,
-  $owner   = $dns::server::params::owner,
-  $group   = $dns::server::params::group,
+  $cfg_dir  = $dns::server::params::cfg_dir,
+  $cfg_file = $dns::server::params::cfg_file,
+  $data_dir = $dns::server::params::data_dir,
+  $owner    = $dns::server::params::owner,
+  $group    = $dns::server::params::group,
 ) inherits dns::server::params {
 
   file { $cfg_dir:
@@ -11,7 +13,7 @@
     mode   => '0755',
   }
 
-  file { "${cfg_dir}/zones":
+  file { $data_dir:
     ensure => directory,
     owner  => $owner,
     group  => $group,
@@ -25,13 +27,13 @@
     mode   => '0755',
   }
 
-  file { "${cfg_dir}/named.conf":
+  file { $cfg_file:
     ensure  => present,
     owner   => $owner,
     group   => $group,
     mode    => '0644',
     require => [
-      File['/etc/bind'],
+      File[$cfg_dir],
       Class['dns::server::install']
     ],
     notify  => Class['dns::server::service'],

diff --git a/manifests/server/options.pp b/manifests/server/options.pp
@@ -49,7 +49,7 @@
     mode    => '0644',
     require => [File[$::dns::server::params::cfg_dir], Class['::dns::server::install']],
     content => template("${module_name}/named.conf.options.erb"),
-    notify  => Class['::dns::server::service'],
+    notify  => Class['dns::server::service'],
   }
 
 }
diff --git a/manifests/server/params.pp b/manifests/server/params.pp
@@ -1,12 +1,24 @@
 class dns::server::params {
   case $::osfamily {
     'Debian': {
-      $cfg_dir = '/etc/bind'
-      $group   = 'bind'
-      $owner   = 'bind'
-      $package = 'bind9'
-      $service = 'bind9'
-      $necessary_packages = [ 'bind9', 'dnssec-tools']
+       $cfg_dir            = '/etc/bind'
+       $cfg_file           = '/etc/bind/named.conf'
+       $data_dir           = '/etc/bind/zones'
+       $group              = 'bind'
+       $owner              = 'bind'
+       $package            = 'bind9'
+       $service            = 'bind9'
+       $necessary_packages = [ 'bind9', 'dnssec-tools']
+    }
+    'RedHat': {
+       $cfg_dir            = '/etc/named'
+       $cfg_file           = '/etc/named.conf'
+       $data_dir           = '/var/named'
+       $group              = 'named'
+       $owner              = 'named'
+       $package            = 'bind'
+       $service            = 'named'
+       $necessary_packages = [ 'bind', 'dnssec-tools']
     }
     default: {
       fail("dns::server is incompatible with this osfamily: ${::osfamily}")

diff --git a/manifests/zone.pp b/manifests/zone.pp
@@ -34,7 +34,7 @@
     default => $name
   }
 
-  $zone_file = "${cfg_dir}/zones/db.${name}"
+  $zone_file = "${dns::server::params::data_dir}/db.${name}"
   $zone_file_stage = "${zone_file}.stage"
 
   if $ensure == absent {
@@ -46,8 +46,8 @@
 
     # Create "fake" zone file without zone-serial
     concat { $zone_file_stage:
-      owner   => 'bind',
-      group   => 'bind',
+      owner   => $dns::server::params::owner,
+      group   => $dns::server::params::group,
       mode    => '0644',
       require => [Class['concat::setup'], Class['dns::server']],
       notify  => Exec["bump-${zone}-serial"]
@@ -67,8 +67,8 @@
       path        => ['/bin', '/sbin', '/usr/bin', '/usr/sbin'],
       refreshonly => true,
       provider    => posix,
-      user        => 'bind',
-      group       => 'bind',
+      user        => $dns::server::params::owner,
+      group       => $dns::server::params::group,
       require     => Class['dns::server::install'],
       notify      => Class['dns::server::service'],
     }

diff --git a/spec/defines/dns__acl_spec.rb b/spec/defines/dns__acl_spec.rb
@@ -2,7 +2,10 @@
 
 describe 'dns::acl' do
   let(:title) { 'trusted' }
-  let(:facts) { { :concat_basedir => '/tmp' } }
+  let(:facts) { {
+    :concat_basedir => '/tmp',
+    :osfamily       => 'Debian',
+  } }
 
   context 'passing a string to data' do
     let :params do

diff --git a/templates/secret.erb b/templates/secret.erb
@@ -1,6 +1,6 @@
 #!/bin/bash
-SECRET=`cat /etc/bind/bind.keys.d/K<%= @name %>.+*+*.key |tr -s " "|cut -d " " -f7`
+SECRET=`cat <%= @cfg_dir %>/bind.keys.d/K<%= @name %>.+*+*.key |tr -s " "|cut -d " " -f7`
 
-cat <<EOF> /etc/bind/bind.keys.d/<%= @name %>.secret
+cat <<EOF> <%= @cfg_dir %>/bind.keys.d/<%= @name %>.secret
   secret "$SECRET"
 EOF