Hello dear Community,

I have been working for a while on a distributed DNS module. The concept is 
that there are two root DNS servers in an enterprise environment and as 
many decentral servers as you want.

Puppet should automatically generate TSIG secrets, push the secrets and 
their own hostnames / IP addresses into several stored resources, and the 
root DNS servers should dynamically get all that information and generate 
the BIND 9 named.conf.* configuration files for me.

This way I can automatically let the decentral servers be slaves of some 
zones and also let them host the decentral primary zones for automatic DHCP 
--> DNS updates. Those zones are then pushed back to the root DNS 
servers (they are slaves for those zones).

Everything of that works with puppet EXCEPT one thing... creating a list of 
stored resources in a file with a header and a trailer.

The following code demonstrates what I want to do:

*Puppet Module for ACL:*

module Puppet
  newtype(:decentralacl) do
    ensurable

    newparam(:name) do
      desc "Name of the server which should get into the decentral ACL"
      isnamevar
    end

    newproperty(:ipaddress) do
      desc "IP-Address of the server"
    end
  end
end


*Puppet Provider for ACL*

require 'puppet/provider/parsedfile'

aclfile = "/var/named/named.conf.acls.decentrals"

Puppet::Type.type(:decentralacl).provide(
  :parsed,
  :parent => Puppet::Provider::ParsedFile,
  :default_target => aclfile,
  :filetype => :flat
) do
  # Lines that are kept as-is when the file is parsed
  text_line :comment, :match => /^\s*#/
  text_line :blank, :match => /^\s*$/
  text_line :acl, :match => /^\s*(acl alle_liegenscahften \{|\};)$/

  # One record per "key <hostname>;" entry
  record_line :parsed,
    :fields => %w{name},
    :match => /^key (.+); # (.+)$/,
    :to_line => proc { |hash|
      if hash[:value] == :absent
        hash[:name]
      else
        "key #{hash[:name]};"
      end
    }

  # Opening line of the ACL block
  def self.header
    "acl decentral_srvs {"
  end

  # Append the closing line of the ACL block
  def self.to_file
    text = super
    text + "\n\};"
  end
end


The basic functionality without def self.header and def self.to_file does 
actually work. But I cannot include that into the BIND 9 configuration; I 
need to get the surrounding acl decentral_srvs {...};

I then use this ACL to allow the transfer of the zone in the 
named.conf.zones:

zone "enterprise.org" IN {
  type master;
  file "enterprise.org.db";
  allow-transfer { decentral_srvs; };
  notify yes;
};


Configured as above, I get some error messages and the order of the "key 
<hostname>" statements and the brackets is wrong when I add some hosts. The 
"key <hostname>" statements are then outside the surrounding brackets at the 
bottom of the file.


Did anyone ever add static content to a ParsedFile? Or do I have to use a 
workaround: generate the file only with key <hostname> statements and then 
use some other class / exec to copy this file locally to another file and 
add the surrounding parameters?


Faithfully,

Felix
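
Added example, not part of Felix's post or of Puppet itself: the workaround asked about above (keep only the `key <hostname>;` entries as data and wrap them in the `acl decentral_srvs { ... };` header and trailer on every write), written in plain Ruby. The function names, the key-name pattern and the sample hostnames in the usage are assumptions made for illustration.

```ruby
# Render and re-parse a BIND ACL file whose "key <name>;" entries are
# wrapped in a fixed header and trailer (added example, hypothetical helpers).
ACL_NAME = "decentral_srvs"          # ACL name used in the post
HEADER   = "acl #{ACL_NAME} {"
TRAILER  = "};"
# Assumption: key names are hostnames. Restricting the character set keeps a
# crafted name from closing the block and injecting other named.conf text.
KEY_NAME = /\A[A-Za-z0-9][A-Za-z0-9._-]{0,252}\z/

# Return the key names found in existing file text. Header, trailer,
# comments and blank lines are skipped; anything else is rejected.
def parse_acl(text)
  text.each_line.map(&:strip).map { |line|
    next if line.empty? || line.start_with?("#")
    next if line == HEADER || line == TRAILER
    m = line.match(/\Akey\s+"?([^";\s]+)"?\s*;\z/)
    raise ArgumentError, "unexpected line in ACL file: #{line.inspect}" unless m
    m[1]
  }.compact
end

# Build the complete file: header first, sorted unique keys, trailer last.
def render_acl(names)
  names = names.map(&:to_s).uniq.sort
  bad = names.reject { |n| n.match?(KEY_NAME) }
  raise ArgumentError, "invalid key name(s): #{bad.inspect}" unless bad.empty?
  ([HEADER] + names.map { |n| "    key #{n};" } + [TRAILER]).join("\n") + "\n"
end

# Add or remove hosts while keeping every entry inside the brackets.
def update_acl(text, add: [], remove: [])
  render_acl((parse_acl(text) + add) - remove)
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample hostnames under the zone name from the post.
  current = render_acl(["srv-b.enterprise.org", "srv-a.enterprise.org"])
  puts update_acl(current, add: ["srv-c.enterprise.org"])
end
```

Because the file is always regenerated as a whole from the parsed entries, the output is the same no matter in which order hosts are added, and running it again without changes reproduces the file byte for byte.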
