Update zone-serial only on changing zone-records

manifests/record.pp

@@ -9,10 +9,12 @@
   $order = 9
 ) {
 
-  $zone_file = "/etc/bind/zones/db.${zone}"
+  $cfg_dir = $dns::server::params::cfg_dir
+
+  $zone_file_data = "${cfg_dir}/zones/db.${zone}.data"
 
   concat::fragment{"db.${zone}.${name}.record":
-    target  => $zone_file,
+    target  => $zone_file_data,
     order   => $order,
     content => template("${module_name}/zone_record.erb")
   }

manifests/server/config.pp

@@ -11,20 +11,38 @@
     owner  => $owner,
     group  => $group,
     mode   => '0755',
+    require => File["${cfg_dir}"],
   }
   file { "${cfg_dir}/bind.keys.d/":
     ensure => directory,
     owner  => $owner,
     group  => $group,
     mode   => '0755',
+    require => File["${cfg_dir}"],
+  }
+
+  file { "${cfg_dir}/puppet-scripts":
+    ensure => directory,
+    owner  => $owner,
+    group  => $group,
+    mode   => '0755',
+    require => File["${cfg_dir}"],
+  }
+  file { "${cfg_dir}/puppet-scripts/zone_soa.sh":
+    ensure  => present,
+    owner   => $owner,
+    group   => $group,
+    mode    => '0755',
+    content => template("${module_name}/zone_soa.sh.erb"),
+    require => File["${cfg_dir}/puppet-scripts"],
   }
 
   file { "${cfg_dir}/named.conf":
     ensure  => present,
     owner   => $owner,
     group   => $group,
     mode    => '0644',
-    require => [File['/etc/bind'], Class['dns::server::install']],
+    require => [File["${cfg_dir}"], Class['dns::server::install']],
     notify  => Class['dns::server::service'],
   }
 
@@ -33,14 +51,14 @@
     group   => $group,
     mode    => '0644',
     require => Class['concat::setup'],
-    notify  => Class['dns::server::service']
+    notify  => Class['dns::server::service'],
   }
 
   concat::fragment{'named.conf.local.header':
     ensure  => present,
     target  => "${cfg_dir}/named.conf.local",
     order   => 1,
-    content => "// File managed by Puppet.\n"
+    content => "// File managed by Puppet.\n",
   }
 
 }

manifests/zone.pp

@@ -18,6 +18,8 @@
 
   validate_array($allow_transfer)
 
+  $cfg_dir = $dns::server::params::cfg_dir
+
   $zone_serial = $serial ? {
     false   => inline_template('<%= Time.now.to_i %>'),
     default => $serial
@@ -28,26 +30,49 @@
     default => $name
   }
 
-  $zone_file = "/etc/bind/zones/db.${name}"
+  $zone_dir = "${cfg_dir}/zones"
+  $zone_file = "${zone_dir}/db.${name}"
+  $zone_file_data = "${zone_file}.data"
 
   if $ensure == absent {
     file { $zone_file:
       ensure => absent,
     }
   } else {
-    # Zone Database
-    concat { $zone_file:
-      owner   => 'bind',
-      group   => 'bind',
-      mode    => '0644',
-      require => [Class['concat::setup'], Class['dns::server']],
-      notify  => Class['dns::server::service']
-    }
-    concat::fragment{"db.${name}.soa":
-      target  => $zone_file,
-      order   => 1,
-      content => template("${module_name}/zone_file.erb")
-    }
+      # Splitting zone file on two parts: zone-soa (soa record) and zone-data (all other records).
+      # This is to update zone_serial only by need (then zone-data updated).
+
+      $soa_exec_cmdline = template("${module_name}/soa_exec_cmdline.erb")
+
+      exec { "soa-${zone}":
+        command     => "$soa_exec_cmdline",
+        path        => ["/bin", "/sbin", "/usr/bin", "/usr/sbin"],
+        refreshonly => true,
+        require     => Class['dns::server::install'],
+        notify      => Class['dns::server::service'],
+      }
+      # Set correct rights on file generated by exec{soa-$zone:}
+      file { $zone_file:
+        ensure    => file,
+        owner     => $dns::owner,
+        group     => $dns::group,
+        mode      => 0644,
+	require	  => Exec["soa-${zone}"],
+      }
+
+      # Generate ${zone_name}.data file for static zones and request refresh exec on changes
+      concat { $zone_file_data:
+        owner   => $dns::owner,
+        group   => $dns::group,
+        mode    => '644',
+        require => Class['dns::server::install'],
+        notify  => Exec["soa-${zone}"],
+      }
+      concat::fragment{"db.${zone}.data-header":
+        target  => $zone_file_data,
+        order   => 1,
+        content => template("${module_name}/zone_data_header.erb")
+      }
   }
 
   # Include Zone in named.conf.local

templates/soa_exec_cmdline.erb

@@ -0,0 +1 @@
+<%= @cfg_dir %>/puppet-scripts/zone_soa.sh <%= @zone %> <%= @soa %> <%= @soa_email %> <%= @zone_serial %> <%= @zone_ttl %> <%= @zone_refresh %> <%= @zone_retry %> <%= @zone_expire %> <%= @zone_minimum %><% @nameservers.each do |nameserver| -%> <%= nameserver %><% end -%>

templates/zone_data_header.erb

@@ -0,0 +1,6 @@
+; ttl: <%= @zone_ttl %>, soa: <%= @soa %>, soa_email: <%= @soa_email %>
+; zone_refresh: <%= @zone_refresh %>, zone_retry: <%= @zone_retry %>
+; zone_expire: <%= @zone_expire %>, zone_minimum: <%= @zone_minimum %>
+;
+; nameservers: <% @nameservers.each do |nameserver| -%><%= nameserver %> <% end %>
+;

templates/zone_soa.sh.erb

@@ -0,0 +1,44 @@
+#!/bin/sh
+
+# This is "template" for Puppet. It needs to make SOA header of DNS zone.
+#
+# Usage:
+# zone-soa.sh <zone_name> <soa> <soa_email> <zone_serial> <zone_ttl> <zone_refresh> <zone_retry> <zone_expire> <zone_minimum> <ns1> ... <nsN>
+
+ZONE_NAME=$1
+SOA=$2
+SOA_EMAIL=$3
+ZONE_SERIAL=$4
+ZONE_TTL=$5
+ZONE_REFRESH=$6
+ZONE_RETRY=$7
+ZONE_EXPIRE=$8
+ZONE_MINIMUM=$9
+
+cat > "<%= @cfg_dir %>/zones/db.${ZONE_NAME}" <<EOF
+;
+; BIND data file for $ZONE_NAME zone.
+; File managed by puppet.
+;
+\$ORIGIN ${ZONE_NAME}.
+\$TTL    $ZONE_TTL
+@       IN      SOA     ${SOA}. ${SOA_EMAIL}. (
+                $ZONE_SERIAL	; Serial
+                $ZONE_REFRESH	; Refresh
+                $ZONE_RETRY	; Retry
+                $ZONE_EXPIRE	; Expire
+                $ZONE_MINIMUM )	; Negative Cache TTL
+;
+EOF
+
+shift 9
+while [ "$#" -gt "0" ]; do
+  NAMESERVER=$1
+  echo "@	IN	NS	$NAMESERVER." >> "<%= @cfg_dir %>/zones/db.${ZONE_NAME}"
+  shift
+done
+
+cat >> "<%= @cfg_dir %>/zones/db.${ZONE_NAME}" <<EOF
+;
+\$INCLUDE /etc/bind/zones/db.${ZONE_NAME}.data
+EOF