Merge pull request #53 from cloudrancher/zone-file-path

Allow configuration of master zone file path and mode
bertvv · Jul 18, 2018 · f505f7e · f505f7e
2 parents abc53b8 + 6a1395f
commit f505f7e
Show file tree

Hide file tree

Showing 5 changed files with 27 additions and 12 deletions.
diff --git a/defaults/main.yml b/defaults/main.yml
@@ -50,3 +50,7 @@ bind_zone_time_to_refresh: "1D"
 bind_zone_time_to_retry: "1H"
 bind_zone_time_to_expire: "1W"
 bind_zone_minimum_ttl: "1D"
+
+bind_zone_dir: "{{ bind_dir }}/"
+#File mode for master zone files (needs to be something like 0660 for dynamic updates)
+bind_zone_file_mode: "0640"
diff --git a/tasks/main.yml b/tasks/main.yml
@@ -31,6 +31,7 @@
   with_items:
     - "{{ bind_dir }}/dynamic"
     - "{{ bind_dir }}/data"
+    - "{{ bind_zone_dir }}"
   tags: bind
 
 - name: Create serial, based on UTC UNIX time
@@ -41,7 +42,7 @@
   tags: bind
 
 - name: Read forward zone hashes
-  shell: 'grep -s "^; Hash:" {{ bind_dir }}/{{ item.name }} || true'
+  shell: 'grep -s "^; Hash:" {{ bind_zone_dir }}/{{ item.name }} || true'
   changed_when: false
   check_mode: false
   register: forward_hashes_temp
@@ -56,7 +57,7 @@
 
 
 - name: Read reverse ipv4 zone hashes
-  shell: "grep -s \"^; Hash:\" {{ bind_dir }}/{{ ('.'.join(item.1.replace(item.1+'.','').split('.')[::-1])) }}.in-addr.arpa || true"
+  shell: "grep -s \"^; Hash:\" {{ bind_zone_dir }}/{{ ('.'.join(item.1.replace(item.1+'.','').split('.')[::-1])) }}.in-addr.arpa || true"
   changed_when: false
   check_mode: false
   register: reverse_hashes_temp
@@ -74,7 +75,7 @@
     - item
 
 - name: Read reverse ipv6 zone hashes
-  shell: "grep -s \"^; Hash:\" {{bind_dir}}/{{ (item.1 | ipaddr('revdns'))[-(9+(item.1|regex_replace('^.*/','')|int)//2):-1] }} || true"
+  shell: "grep -s \"^; Hash:\" {{ bind_zone_dir }}/{{ (item.1 | ipaddr('revdns'))[-(9+(item.1|regex_replace('^.*/','')|int)//2):-1] }} || true"
   changed_when: false
   check_mode: false
   register: reverse_hashes_ipv6_temp

diff --git a/tasks/master.yml b/tasks/master.yml
@@ -17,10 +17,10 @@
 - name: Master | Create forward lookup zone file
   template:
     src: bind_zone.j2
-    dest: "{{ bind_dir }}/{{ item.name }}"
+    dest: "{{ bind_zone_dir }}{{ item.name }}"
     owner: "{{ bind_owner }}"
     group: "{{ bind_group }}"
-    mode: "0640"
+    mode: "{{ bind_zone_file_mode }}"
     setype: named_zone_t
     validate: 'named-checkzone -d {{ item.name }} %s'
   with_items:
@@ -31,10 +31,10 @@
 - name: Master | Create reverse lookup zone file
   template:
     src: reverse_zone.j2
-    dest: "{{ bind_dir }}/{{ ('.'.join(item.1.replace(item.1+'.','').split('.')[::-1])) }}.in-addr.arpa"
+    dest: "{{ bind_zone_dir }}{{ ('.'.join(item.1.replace(item.1+'.','').split('.')[::-1])) }}.in-addr.arpa"
     owner: "{{ bind_owner }}"
     group: "{{ bind_group }}"
-    mode: "0640"
+    mode: "{{ bind_zone_file_mode }}"
     setype: named_zone_t
     validate: "named-checkzone {{ ('.'.join(item.1.replace(item.1+'.','').split('.')[::-1])) }}.in-addr.arpa %s"
   with_subelements:
@@ -48,10 +48,10 @@
 - name: Master | Create reverse IPv6 lookup zone file
   template:
     src: reverse_zone_ipv6.j2
-    dest: "{{bind_dir}}/{{ (item.1 | ipaddr('revdns'))[-(9+(item.1|regex_replace('^.*/','')|int)//2):-1] }}"
+    dest: "{{bind_zone_dir}}{{ (item.1 | ipaddr('revdns'))[-(9+(item.1|regex_replace('^.*/','')|int)//2):-1] }}"
     owner: "{{ bind_owner }}"
     group: "{{ bind_group }}"
-    mode: "0640"
+    mode: "{{ bind_zone_file_mode }}"
     setype: named_zone_t
     validate: "named-checkzone {{ (item.1 | ipaddr('revdns'))[-(9+(item.1|regex_replace('^.*/','')|int)//2):] }} %s"
   with_subelements:

diff --git a/templates/master_etc_named.conf.j2 b/templates/master_etc_named.conf.j2
@@ -57,12 +57,17 @@ logging {
 {% for file in bind_default_zone_files %}
 include "{{ file }}";
 {% endfor %}
+{% if bind_extra_include_files is defined %}
+{% for file in bind_extra_include_files %}
+include "{{ file }}";
+{% endfor %}
+{% endif %}
 
 {% if bind_zone_domains is defined %}
 {% for bind_zone in bind_zone_domains %}
 zone "{{ bind_zone.name }}" IN {
   type master;
-  file "{{ bind_zone.name }}";
+  file "{{ bind_zone_dir }}{{ bind_zone.name }}";
   notify yes;
 {% if bind_zone.also_notify is defined %}
   also-notify  { {{ bind_zone.also_notify|join(';') }}; };
@@ -78,7 +83,7 @@ zone "{{ bind_zone.name }}" IN {
 {% for network in bind_zone.networks %}
 zone "{{ ('.'.join(network.replace(network+'.','').split('.')[::-1])) }}.in-addr.arpa" IN {
   type master;
-  file "{{ ('.'.join(network.replace(network+'.','').split('.')[::-1])) }}.in-addr.arpa";
+  file "{{ bind_zone_dir }}{{ ('.'.join(network.replace(network+'.','').split('.')[::-1])) }}.in-addr.arpa";
   notify yes;
 {% if bind_zone.also_notify is defined %}
   also-notify  { {{ bind_zone.also_notify|join(';') }}; };
@@ -96,7 +101,7 @@ zone "{{ ('.'.join(network.replace(network+'.','').split('.')[::-1])) }}.in-addr
 {% for network in bind_zone.ipv6_networks %}
 zone "{{ (network | ipaddr('revdns'))[-(9+(network|regex_replace('^.*/','')|int)//2):] }}" IN {
   type master;
-  file "{{ (network | ipaddr('revdns'))[-(9+(network|regex_replace('^.*/','')|int)//2):-1] }}";
+  file "{{ bind_zone_dir }}{{ (network | ipaddr('revdns'))[-(9+(network|regex_replace('^.*/','')|int)//2):-1] }}";
   notify yes;
 {% if bind_zone.also_notify is defined %}
   also-notify  { {{ bind_zone.also_notify|join(';') }}; };

diff --git a/templates/slave_etc_named.conf.j2 b/templates/slave_etc_named.conf.j2
@@ -53,6 +53,11 @@ logging {
 {% for file in bind_default_zone_files %}
 include "{{ file }}";
 {% endfor %}
+{% if bind_extra_include_files is defined %}
+{% for file in bind_extra_include_files %}
+include "{{ file }}";
+{% endfor %}
+{% endif %}
 
 {% if bind_zone_domains is defined %}
 {% for bind_zone in bind_zone_domains %}