a1fd332db7
This reverts commitf3faa5eb71. Reason for revert: The issue was fixed in puppet-dns 9.6.0[1]. [1]6615bdef19Change-Id: I447d69403579051b93999fa46e59c59f22a414a5
50 lines
1.4 KiB
Puppet
50 lines
1.4 KiB
Puppet
# Configures the BIND service for use with Designate's BIND backend
|
|
#
|
|
|
|
class openstack_integration::bind {
|
|
|
|
include openstack_integration::config
|
|
include openstack_integration::params
|
|
|
|
$bind_host = $::openstack_integration::config::host
|
|
|
|
$listen_on = $::openstack_integration::config::ipv6 ? {
|
|
true => 'none',
|
|
default => $bind_host,
|
|
}
|
|
$listen_on_v6 = $::openstack_integration::config::ipv6 ? {
|
|
true => $bind_host,
|
|
default => 'none',
|
|
}
|
|
|
|
# NOTE (dmsimard): listen_on_v6 is false and overridden due to extended port
|
|
# configuration in additional_options
|
|
class { 'dns':
|
|
recursion => 'no',
|
|
allow_recursion => [],
|
|
listen_on_v6 => false,
|
|
additional_options => {
|
|
'listen-on' => "port 5322 { ${listen_on}; }",
|
|
'listen-on-v6' => "port 5322 { ${listen_on_v6}; }",
|
|
'auth-nxdomain' => 'no',
|
|
},
|
|
controls => {
|
|
$bind_host => {
|
|
'port' => 953,
|
|
'allowed_addresses' => [$bind_host],
|
|
'keys' => ['rndc-key'],
|
|
}
|
|
},
|
|
}
|
|
|
|
# ::dns creates the rndc key but not a rndc.conf.
|
|
# Contribute this in upstream ::dns ?
|
|
file { '/etc/rndc.conf':
|
|
ensure => present,
|
|
owner => $::dns::params::user,
|
|
group => $::dns::params::group,
|
|
content => template("${module_name}/rndc.conf.erb"),
|
|
require => Package[$dns::params::dns_server_package]
|
|
}
|
|
}
|