Hello dear Community,

I have been working for a while now on a distributed DNS module. The concept is
that there are two root DNS servers in an enterprise environment and as
many decentral servers as you want.

Puppet should automatically generate TSIG secrets, push the secrets and
the servers' own hostnames / IP addresses into several stored resources, and the
root DNS servers should dynamically get all that information and generate
the BIND 9 named.conf.* configuration files for me.

This way I can automatically let the decentral servers be slaves of some
zones and also let them host the decentral primary zones for automatic DHCP
--> DNS updates. Those zones are then pushed back again to the root DNS
servers (they are slaves for those zones).

All of that works with Puppet EXCEPT one thing... creating a list of
stored resources in a file with a header and a trailer.

The following code demonstrates what I want to do:

*Puppet Module for ACL:*

    module Puppet
      # Custom type: one resource per decentral server listed in the ACL file
      newtype(:decentralacl) do
        ensurable

        newparam(:name) do
          desc "Name of the server which should get into the decentral ACL"
          isnamevar
        end

        newproperty(:ipaddress) do
          desc "IP-Address of the server"
        end
      end
    end


*Puppet Provider for ACL*

    require 'puppet/provider/parsedfile'

    aclfile = "/var/named/named.conf.acls.decentrals"

    Puppet::Type.type(:decentralacl).provide(
      :parsed,
      :parent => Puppet::Provider::ParsedFile,
      :default_target => aclfile,
      :filetype => :flat
    ) do
      text_line :comment, :match => /^\s*#/
      text_line :blank, :match => /^\s*$/
      # Opening and closing lines of the ACL block
      text_line :acl, :match => /^\s*(acl alle_liegenscahften \{|\};)$/

      # One "key <hostname>;" entry per server
      record_line :parsed,
        :fields => %w{name},
        :match => /^key (.+); # (.+)$/,
        :to_line => proc { |hash|
          if hash[:value] == :absent
            hash[:name]
          else
            "key #{hash[:name]};"
          end
        }

      # Intended to emit the opening line of the ACL block
      def self.header
        "acl decentral_srvs {"
      end

      # Intended to append the closing line of the ACL block
      def self.to_file
        text = super
        text + "\n\};"
      end
    end


The basic functionality without def self.header and def self.to_file does
actually work. But I cannot include that in the bind9 configuration; I
need to get the surrounding acl decentral_srvs {...};

I then use this ACL to allow the transfer of the zone in the 
named.conf.zones:

    zone "enterprise.org" IN {
        type master;
        file "enterprise.org.db";
        allow-transfer { decentral_srvs; };
        notify yes;
    };


Configured as above, I get some error messages, and the order of the "key
<hostname>" statements and the brackets is wrong when I add some hosts. The
"key <hostname>" statements are then outside the surrounding brackets at the
bottom of the file.


Did anyone ever add static content to a ParsedFile? Or do I have to use a
workaround: generate the file only with key <hostname> statements and then
use some other class / exec to copy this file locally to another file and
add the surrounding parameters?


Faithfully,

Felix
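
The file layout the post is after (header, one `key <hostname>;` line per server, trailer), as an added Ruby sketch that is not part of the original post and does not use Puppet's ParsedFile API. It renders the whole ACL block from the full list of names in one pass and parses a file back, rejecting entries that sit outside the braces; the function names, the hostname pattern and the sample input are assumptions.

```ruby
# Added example (not from the original post): render and parse a BIND ACL
# block of TSIG key references as one unit. All names here are hypothetical.

# Assumption: key names are hostnames; anything else could break out of the block.
KEY_NAME = /\A[A-Za-z0-9]([A-Za-z0-9._-]*[A-Za-z0-9])?\.?\z/

# Build "acl <name> { key a; key b; };" with sorted, de-duplicated entries.
def render_acl(acl_name, key_names)
  raise ArgumentError, "bad ACL name: #{acl_name.inspect}" unless acl_name =~ /\A\w+\z/
  keys = key_names.map(&:to_s).uniq.sort
  bad = keys.reject { |k| k =~ KEY_NAME }
  raise ArgumentError, "bad key name(s): #{bad.inspect}" unless bad.empty?
  lines = ["acl #{acl_name} {"]
  lines.concat(keys.map { |k| "    key #{k};" })
  lines << "};"
  lines.join("\n") + "\n"
end

# Read the key names back; reject any entry found outside the braces.
def parse_acl(text)
  inside = false
  keys = []
  text.each_line do |raw|
    line = raw.sub(/#.*/, "").strip
    next if line.empty?
    case line
    when /\Aacl\s+\w+\s*\{\z/ then inside = true
    when "};" then inside = false
    when /\Akey\s+(\S+);\z/
      raise ArgumentError, "entry outside ACL block: #{line}" unless inside
      keys << $1
    else
      raise ArgumentError, "unexpected line: #{line}"
    end
  end
  raise ArgumentError, "ACL block not closed" if inside
  keys
end

# Constructed sample input: the broken layout described in the post.
BROKEN = "acl decentral_srvs {\n};\nkey branch1.enterprise.org;\n"
```

Running `named-checkconf` on the generated file before reloading named catches the same misplaced-entry layout on the BIND side.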
