Hello dear Community,
I have been working for a while on a distributed DNS module. The concept is
that there are two root DNS servers in an enterprise environment and as
many decentral servers as you want.
Puppet should automatically generate TSIG secrets, push the secrets and
their own hostnames / IP addresses into several stored resources, and the
root DNS servers should dynamically get all that information and generate
the BIND 9 named.conf.* configuration files for me.
This way I can automatically let the decentral servers be slaves of some
zones and also let them host the decentral primary zones for automatic DHCP
--> DNS updates. Those zones are then pushed back again to the root DNS
servers (they are slaves for those zones).
Everything of that works with puppet EXCEPT one thing... creating a list of
stored resources in a file with a header and a trailer.
The following code demonstrates what I want to do:
*Puppet Module for ACL:*

    module Puppet
      newtype(:decentralacl) do
        ensurable

        newparam(:name) do
          desc "Name of the server which should get into the decentral ACL"
          isnamevar
        end

        newproperty(:ipaddress) do
          desc "IP-Address of the server"
        end
      end
    end

*Puppet Provider for ACL*

    require 'puppet/provider/parsedfile'

    aclfile = "/var/named/named.conf.acls.decentrals"

    Puppet::Type.type(:decentralacl).provide(
      :parsed,
      :parent         => Puppet::Provider::ParsedFile,
      :default_target => aclfile,
      :filetype       => :flat
    ) do
      # Lines that are kept as plain text and not managed as records
      text_line :comment, :match => /^\s*#/
      text_line :blank, :match => /^\s*/
      text_line :acl, :match => /^\s*(acl alle_liegenscahften \{|\};)$/

      # One "key <hostname>;" entry per managed resource
      record_line :parsed,
        :fields  => %w{name},
        :match   => /^key (.+); # (.+)$/,
        :to_line => proc { |hash|
          if hash[:value] == :absent
            hash[:name]
          else
            "key #{hash[:name]};"
          end
        }

      # Opening line of the ACL block
      def self.header
        "acl decentral_srvs {"
      end

      # Append the closing line of the ACL block
      def self.to_file
        text = super
        text + "\n\};"
      end
    end

The basic functionality without def self.header and def self.to_file does
actually work. But I cannot include that into the BIND 9 configuration; I
need to get the surrounding acl decentral_srvs {...};
I then use this ACL to allow the transfer of the zone in the
named.conf.zones:

    zone "enterprise.org" IN {
        type master;
        file "enterprise.org.db";
        allow-transfer { decentral_srvs; };
        notify yes;
    };

Configured as above, I get some error messages, and the order of the "key
<hostname>" statements and the brackets is wrong when I add some hosts. The
"key <hostname>" statements are then outside the surrounding brackets, at the
bottom of the file.
Did anyone ever add static content to a ParsedFile? Or do I have to use a
workaround: generate the file with only key <hostname> statements and then
use some other class / exec to copy this file locally to another file and
add the surrounding parameters?
Faithfully,
Felix
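
The workaround asked about above, as an added example that is not part of the original post and not Puppet's own code: plain Ruby that renders the whole acl block from a list of key names in one pass, plus a check that finds "key <hostname>;" lines that ended up outside the block. The function names, the key-name pattern and the sample host names are assumptions; only the ACL name and the file layout come from the post.

```ruby
# Added example, not from the original post. ACL name and file layout follow
# the post; function names and sample host names are hypothetical.
KEY_NAME = /\A[A-Za-z0-9](?:[A-Za-z0-9._-]*[A-Za-z0-9])?\z/

# Render the complete ACL block from a list of TSIG key names. Names are
# checked first so a crafted value cannot add extra statements to named.conf.
def render_acl(acl_name, key_names)
  raise ArgumentError, "unsafe acl name: #{acl_name.inspect}" unless acl_name =~ /\A\w+\z/
  bad = key_names.reject { |k| k =~ KEY_NAME }
  raise ArgumentError, "unsafe key name(s): #{bad.inspect}" unless bad.empty?
  body = key_names.uniq.sort.map { |k| "    key #{k};\n" }.join
  "acl #{acl_name} {\n#{body}};\n"
end

# Return the key names that appear outside the named acl block, which is
# the failure described in the post (entries written after the "};").
def stray_keys(text, acl_name)
  inside = false
  stray = []
  text.each_line do |line|
    line = line.sub(/#.*/, "").strip   # drop trailing comments
    case line
    when /\Aacl\s+#{Regexp.escape(acl_name)}\s*\{\z/ then inside = true
    when "};" then inside = false
    when /\Akey\s+(\S+);\z/ then stray << $1 unless inside
    end
  end
  stray
end

# Constructed sample of the broken output described in the post.
BROKEN = <<~CONF
  acl decentral_srvs {
  key site-a.enterprise.org;
  };
  key site-b.enterprise.org;
CONF

if __FILE__ == $PROGRAM_NAME
  puts "stray in broken file: #{stray_keys(BROKEN, 'decentral_srvs').inspect}"
  fixed = render_acl("decentral_srvs", %w[site-b.enterprise.org site-a.enterprise.org])
  puts fixed
  puts "stray in rendered file: #{stray_keys(fixed, 'decentral_srvs').inspect}"
end
```

A non-empty result from stray_keys means allow-transfer { decentral_srvs; } does not cover every host, so it is worth running before named is reloaded.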