Adding zone management

diff --git a/bind/conf.sls b/bind/conf.sls
index 3e0c554a3b05e631a96be8b8bada0ee709685e21..d05d221cf548dc9c8d13dafbd23ce7fc132ad550 100644 (file)
--- a/bind/conf.sls
+++ b/bind/conf.sls
@@ -1,5 +1,6 @@
 {%- set etc_dir = salt['pillar.get']('bind:etc-dir', '/etc/bind') -%}
 {%- set home_dir = salt['pillar.get']('bind:home-dir', '/var/cache/bind') -%}
+{%- set my_zones = salt['pillar.get']('bind:my-zones', {}) -%}
 
 bind-conf_acl:
   file.managed:
@@ -75,6 +76,27 @@ bind-conf_local:
     - watch_in:
       - service: bind
 
+{% for zone in my_zones %}
+{%- set masters = my_zones[zone]['master'] -%}
+{%- if grains['fqdn'] in masters %}
+bind-zone_{{ zone }}:
+  file.managed:
+    - name: {{ etc_dir }}/zones/{{ zone }}.zone
+    - source: salt://bind/zones/{{ zone }}.zone
+    - user: root
+    - group: root
+    - mode: 644
+    - template: jinja
+    - backup: minion
+    - require:
+      - pkg: bind
+      - file: bind-etc-dir
+      - file: bind-zones-dir
+    - watch_in:
+      - service: bind
+{%- endif %} 
+{% endfor %}
+
 bind-conf_pri:
   file.managed:
     - name: {{ etc_dir }}/named-pri.conf
@@ -88,6 +110,12 @@ bind-conf_pri:
       - pkg: bind
       - file: bind-etc-dir
       - file: bind-zones-dir
+{%- for zone in my_zones %}
+{%- set masters = my_zones[zone]['master'] -%}
+{%- if grains['fqdn'] in masters %}
+      - file: bind-zone_{{ zone }}
+{%- endif -%} 
+{%- endfor %}
     - watch_in:
       - service: bind
 

diff --git a/bind/files/named-pri.conf b/bind/files/named-pri.conf
index 8c01ea820a0fbab531c29e994897d9ca2fdb9ec7..7407d3638683f0ec721e4fa4b1c38c6ec2f3f7b1 100644 (file)
--- a/bind/files/named-pri.conf
+++ b/bind/files/named-pri.conf
@@ -1,6 +1,9 @@
 {%- set etc_dir = salt['pillar.get']('bind:etc-dir', '/etc/bind') -%}
+{%- set bind_role = salt['pillar.get']('bind:role', 'secondary') -%}
+{%- set my_zones = salt['pillar.get']('bind:my-zones', {}) -%}
+{%- set ips = grains['ipv4'] + grains['ipv6'] -%}
 //###############################################################
-//# Bind9-Konfigurationsdatei - Primäre Zonen
+//# Bind9-Konfigurationsdatei - Primaere Zonen
 //# {{ etc_dir }}/named-pri.conf
 //#
 //# Host {{ grains['fqdn'] }}
@@ -10,6 +13,24 @@
 //###############################################################
 //# Master-Zonen (Primary)
 
-// Keine!
+{% for zone in my_zones %}
+{%- set masters = my_zones[zone]['master'] -%}
+{%- set slaves = my_zones[zone]['slaves'] -%}
+{%- if grains['fqdn'] in masters %}
+zone "{{ zone }}" {
+       type master;
+       file "{{ etc_dir }}/zones/{{ zone }}.zone";
+       allow-update { none; };
+       allow-transfer {
+               common-allow-transfer;
+       };
+       also-notify {
+       {%- for slave in slaves %}{% set ip = slaves[slave] %}
+               {{ ip }};
+       {%- endfor -%}
+       };
+};
+{%- endif %}
+{% endfor -%}
 
 # vim: ts=4 filetype=named noai

diff --git a/bind/files/named-pri1.conf b/bind/files/named-pri1.conf
new file mode 100644 (file)
index 0000000..47222c7
--- /dev/null
+++ b/bind/files/named-pri1.conf
@@ -0,0 +1,37 @@
+{%- set etc_dir = salt['pillar.get']('bind:etc-dir', '/etc/bind') -%}
+{%- set bind_role = salt['pillar.get']('bind:role', 'secondary') -%}
+{%- set is_master = False -%}
+{%- if bind_role|lower == 'primary' -%}
+       {%- set is_master = True -%}
+{%- endif -%}
+{%- set my_zones = salt['pillar.get']('bind:my-zones', {}) -%}
+//###############################################################
+//# Bind9-Konfigurationsdatei - Primäre Zonen
+//# {{ etc_dir }}/named-pri.conf
+//#
+//# Host {{ grains['fqdn'] }}
+//#
+//###############################################################
+
+//###############################################################
+//# Master-Zonen (Primary)
+{%- for zone in my_zones %}
+{%- if grains('fqdn')  in my_zones.zone.slaves %}
+zone "{{ zone }}" {
+       type master;
+       file "{{ etc_dir }}/zones/{{ zone }}.zone";
+       allow-update { none; };
+       allow-transfer {
+               common-allow-transfer;
+       };
+       also-notify {
+               also-notify-uhu-banane;
+       };
+};
+
+{% endif %}
+{% endfor %}
+
+// Keine!
+
+# vim: ts=4 filetype=named noai

diff --git a/bind/files/named-sec.conf b/bind/files/named-sec.conf
index 9664dabefd3dc765c3670ac57487be1e44dc44db..a4b7140fedd82f0e6daedffae9d96fa8e70cacfd 100644 (file)
--- a/bind/files/named-sec.conf
+++ b/bind/files/named-sec.conf
@@ -1,6 +1,9 @@
 {%- set etc_dir = salt['pillar.get']('bind:etc-dir', '/etc/bind') -%}
+{%- set bind_role = salt['pillar.get']('bind:role', 'secondary') -%}
+{%- set my_zones = salt['pillar.get']('bind:my-zones', {}) -%}
+{%- set ips = grains['ipv4'] + grains['ipv6'] -%}
 //###############################################################
-//# Bind9-Konfigurationsdatei - Sekundäre Zonen
+//# Bind9-Konfigurationsdatei - Sekundaere Zonen
 //# {{ etc_dir }}/named-sec
 //#
 //# Host {{ grains['fqdn'] }}
@@ -10,6 +13,23 @@
 //###############################################################
 //# Slave-Zonen (Secondary)
 
-// Keine!
+{% for zone in my_zones %}
+{%- set masters = my_zones[zone]['master'] -%}
+{%- set slaves = my_zones[zone]['slaves'] -%}
+{%- if grains['fqdn'] in slaves %}
+zone "{{ zone }}" {
+       type slave;
+       file "{{ zone }}.zone";
+       masters {
+       {%- for master in masters %}{% set ip = masters[master] %}
+               {{ ip }};
+       {%- endfor -%}
+       };
+       allow-transfer {
+               common-allow-transfer;
+       };
+};
+{%- endif %}
+{% endfor %}
 
 # vim: ts=4 filetype=named noai

diff --git a/bind/zones/uhu-banane.eu.zone b/bind/zones/uhu-banane.eu.zone
new file mode 100644 (file)
index 0000000..647d25b
--- /dev/null
+++ b/bind/zones/uhu-banane.eu.zone
@@ -0,0 +1,22 @@
+$ORIGIN .
+;$TTL 86400    ; 1 day
+$TTL 900
+uhu-banane.eu  IN SOA  ns3.uhu-banane.de. hostmaster.uhu-banane.de. (
+                               2016030900 ; serial
+                               10800      ; refresh (3 hours)
+                               3600       ; retry (1 hour)
+                               604800     ; expire (1 week)
+                               86400      ; minimum (1 day)
+                               )
+                       NS      ns1.uhu-banane.de.
+                       NS      ns2.uhu-banane.de.
+                       NS      ns3.uhu-banane.de.
+                       A       185.102.95.107
+                       AAAA    2a06:2380:0:1::3a
+                       MX      10 mail.uhu-banane.de.
+
+$ORIGIN uhu-banane.eu.
+mail                   A       85.214.134.152
+mail                   AAAA    2a01:238:4225:6e00:8f8c:808a:7fb8:88df
+git                    CNAME   git.uhu-banane.de.
+www                    CNAME   www.uhu-banane.de.

diff --git a/bind/zones/uhu-banane.org.zone b/bind/zones/uhu-banane.org.zone
new file mode 100644 (file)
index 0000000..2ad64bc
--- /dev/null
+++ b/bind/zones/uhu-banane.org.zone
@@ -0,0 +1,22 @@
+$ORIGIN .
+;$TTL 86400    ; 1 day
+$TTL 900
+uhu-banane.org IN SOA  ns3.uhu-banane.de. hostmaster.uhu-banane.de. (
+                               2016030900 ; serial
+                               10800      ; refresh (3 hours)
+                               3600       ; retry (1 hour)
+                               604800     ; expire (1 week)
+                               86400      ; minimum (1 day)
+                               )
+                       NS      ns1.uhu-banane.de.
+                       NS      ns2.uhu-banane.de.
+                       NS      ns3.uhu-banane.de.
+                       A       185.102.95.107
+                       AAAA    2a06:2380:0:1::3a
+                       MX      10 mail.uhu-banane.de.
+
+$ORIGIN uhu-banane.org.
+mail                   A       85.214.134.152
+mail                   AAAA    2a01:238:4225:6e00:8f8c:808a:7fb8:88df
+git                    CNAME   git.uhu-banane.de.
+www                    CNAME   www.uhu-banane.de.