*.pyc
.idea/*
+/postfix/files/main-all.cf
+{%- set etc_dir = salt['pillar.get']('bind:etc-dir', '/etc/bind') -%}
-/etc/bind/named-acl.conf:
+bind-conf_acl:
file.managed:
+ - name: {{ etc_dir }}/named-acl.conf
- source: salt://bind/files/named-acl.conf
- user: root
- group: root
- template: jinja
- backup: minion
- require:
- - file: /etc/bind
+ - file: bind-etc-dir
-/etc/bind/named-log.conf:
+bind-conf_log:
file.managed:
+ - name: {{ etc_dir }}/named-log.conf
- source: salt://bind/files/named-log.conf
- user: root
- group: root
- template: jinja
- backup: minion
- require:
- - file: /etc/bind
+ - file: bind-etc-dir
- file: /var/log/bind
-
# vim: filetype=sls
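Review bot: The new `name:` lines in `bind-conf_acl` and `bind-conf_log` interpolate the pillar value `etc_dir` into YAML unquoted. Jinja renders before the YAML parser runs, so a pillar value containing ` #` is silently truncated to a different target path, and one containing `: ` or a leading YAML indicator fails to parse. Both states write root-owned files, so the target path should not depend on how the scalar happens to parse. I would quote the templated scalars: `- name: "{{ etc_dir }}/named-acl.conf"` and `- name: "{{ etc_dir }}/named-log.conf"`. The same applies to the `name:` lines this commit adds in the zone-file and directory states.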
+{%- set def_zones_dir = salt['pillar.get']('bind:default-zones-dir', '/etc/bind') -%}
+{%- set etc_dir = salt['pillar.get']('bind:etc-dir', '/etc/bind') -%}
-/etc/bind/db.0:
- file.exists:
+zone-db.0:
+ file.managed:
+ - name: {{ def_zones_dir }}/db.0
+ - source: salt://bind/files/db.0
+ - user: root
+ - group: root
+ - mode: 644
+ - backup: minion
- require:
- - file: /etc/bind
+ - file: bind-default-zones-dir
-/etc/bind/db.127:
- file.exists:
+zone-db.127:
+ file.managed:
+ - name: {{ def_zones_dir }}/db.127
+ - source: salt://bind/files/db.127
+ - user: root
+ - group: root
+ - mode: 644
+ - backup: minion
- require:
- - file: /etc/bind
+ - file: bind-default-zones-dir
-/etc/bind/db.255:
- file.exists:
+zone-db.255:
+ file.managed:
+ - name: {{ def_zones_dir }}/db.255
+ - source: salt://bind/files/db.255
+ - user: root
+ - group: root
+ - mode: 644
+ - backup: minion
+ - require:
+ - file: bind-default-zones-dir
+
+zone-db.empty:
+ file.managed:
+ - name: {{ def_zones_dir }}/db.empty
+ - source: salt://bind/files/db.empty
+ - user: root
+ - group: root
+ - mode: 644
+ - backup: minion
- require:
- - file: /etc/bind
+ - file: bind-default-zones-dir
-/etc/bind/db.empty:
- file.exists:
+zone-db.local:
+ file.managed:
+ - name: {{ def_zones_dir }}/db.local
+ - source: salt://bind/files/db.local
+ - user: root
+ - group: root
+ - mode: 644
+ - backup: minion
- require:
- - file: /etc/bind
+ - file: bind-default-zones-dir
-/etc/bind/db.local:
- file.exists:
+zone-db.root:
+ file.managed:
+ - name: {{ def_zones_dir }}/db.root
+ - source: salt://bind/files/db.root
+ - user: root
+ - group: root
+ - mode: 644
+ - backup: minion
- require:
- - file: /etc/bind
+ - file: bind-default-zones-dir
-/etc/bind/db.root:
- file.exists:
+bind-conf_default-zones:
+ file.managed:
+ - name: {{ etc_dir }}/named.conf.default-zones
+ - source: salt://bind/files/named.conf.default-zones
+ - user: root
+ - group: root
+ - mode: 644
+ - template: jinja
+ - backup: minion
- require:
- - file: /etc/bind
+ - file: bind-etc-dir
+ - file: bind-default-zones-dir
+ - file: zone-db.0
+ - file: zone-db.127
+ - file: zone-db.255
+ - file: zone-db.empty
+ - file: zone-db.local
+ - file: zone-db.root
-/etc/bind/zones.rfc1918:
+bind-conf_zones.rfc1918:
file.managed:
+ - name: {{ etc_dir }}/zones.rfc1918
- source: salt://bind/files/zones.rfc1918
- user: root
- group: root
- template: jinja
- backup: minion
- require:
- - file: /etc/bind
- - file: /etc/bind/db.empty
+ - file: bind-etc-dir
+ - file: zone-db.empty
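Review bot: Switching the `zone-db.*` states from `file.exists` to `file.managed` with a `salt://` source means each run now replaces the minion's zone files with the formula's copies, including the root hints written by `zone-db.root`. The bundled `db.root` is dated "last update: Jan 3, 2013" in its own header, and nothing in the state says that this pinned copy has to be refreshed when root server addresses change. A resolver primed from stale hints keeps working only while some of the listed addresses still answer. I would add a comment above `zone-db.root` such as `# Pinned copy of the root hints; refresh bind/files/db.root from the published hints file when it is updated.`, and review that file whenever the formula is updated.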
+{%- set home_dir = salt['pillar.get']('bind:home-dir', '/var/cache/bind') -%}
+{%- set etc_dir = salt['pillar.get']('bind:etc-dir', '/etc/bind') -%}
+{%- set def_zones_dir = salt['pillar.get']('bind:default-zones-dir', '/etc/bind') -%}
-/etc/bind:
+bind-etc-dir:
file.directory:
+ - name: {{ etc_dir }}
- user: root
- group: bind
- dir_mode: 2755
- require:
- group: bind-group
-/etc/bind/zones:
+bind-zones-dir:
file.directory:
+ - name: {{ etc_dir }}/zones
- user: root
- group: bind
- dir_mode: 755
- require:
- - file: /etc/bind
+ - file: bind-etc-dir
-/var/cache/bind:
+bind-default-zones-dir:
file.directory:
+ - name: {{ def_zones_dir }}
+ - makedirs: True
+ - require:
+ - file: bind-etc-dir
+
+bind-home-dir:
+ file.directory:
+ - name: {{ home_dir }}
- user: root
- group: bind
- dir_mode: 775
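Review bot: `bind-default-zones-dir` creates `{{ def_zones_dir }}` with `makedirs: True` but sets no `user`, `group` or `dir_mode`, unlike `bind-etc-dir` and `bind-home-dir` in the same file. With the default pillar values it resolves to the same path as `bind-etc-dir`, so the gap is hidden. Once `bind:default-zones-dir` points elsewhere, the directory holding the root hints and the authoritative localhost zones is created with whatever ownership and mode the minion defaults to. I would pin them to match `bind-etc-dir`, so the two states agree when the paths coincide: `- user: root`, `- group: bind`, `- dir_mode: 2755`. That also needs `- group: bind-group` added under its `require:`.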
--- /dev/null
+;
+; BIND reverse data file for broadcast zone
+;
+$TTL 604800
+@ IN SOA localhost. root.localhost. (
+ 1 ; Serial
+ 604800 ; Refresh
+ 86400 ; Retry
+ 2419200 ; Expire
+ 604800 ) ; Negative Cache TTL
+;
+@ IN NS localhost.
--- /dev/null
+;
+; BIND reverse data file for local loopback interface
+;
+$TTL 604800
+@ IN SOA localhost. root.localhost. (
+ 1 ; Serial
+ 604800 ; Refresh
+ 86400 ; Retry
+ 2419200 ; Expire
+ 604800 ) ; Negative Cache TTL
+;
+@ IN NS localhost.
+1.0.0 IN PTR localhost.
--- /dev/null
+;
+; BIND reverse data file for broadcast zone
+;
+$TTL 604800
+@ IN SOA localhost. root.localhost. (
+ 1 ; Serial
+ 604800 ; Refresh
+ 86400 ; Retry
+ 2419200 ; Expire
+ 604800 ) ; Negative Cache TTL
+;
+@ IN NS localhost.
--- /dev/null
+; BIND reverse data file for empty rfc1918 zone
+;
+; DO NOT EDIT THIS FILE - it is used for multiple zones.
+; Instead, copy it, edit named.conf, and use that copy.
+;
+$TTL 86400
+@ IN SOA localhost. root.localhost. (
+ 1 ; Serial
+ 604800 ; Refresh
+ 86400 ; Retry
+ 2419200 ; Expire
+ 86400 ) ; Negative Cache TTL
+;
+@ IN NS localhost.
--- /dev/null
+;
+; BIND data file for local loopback interface
+;
+$TTL 604800
+@ IN SOA localhost. root.localhost. (
+ 2 ; Serial
+ 604800 ; Refresh
+ 86400 ; Retry
+ 2419200 ; Expire
+ 604800 ) ; Negative Cache TTL
+;
+@ IN NS localhost.
+@ IN A 127.0.0.1
+@ IN AAAA ::1
--- /dev/null
+; This file holds the information on root name servers needed to
+; initialize cache of Internet domain name servers
+; (e.g. reference this file in the "cache . <file>"
+; configuration file of BIND domain name servers).
+;
+; This file is made available by InterNIC
+; under anonymous FTP as
+; file /domain/named.cache
+; on server FTP.INTERNIC.NET
+; -OR- RS.INTERNIC.NET
+;
+; last update: Jan 3, 2013
+; related version of root zone: 2013010300
+;
+; formerly NS.INTERNIC.NET
+;
+. 3600000 IN NS A.ROOT-SERVERS.NET.
+A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4
+A.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:BA3E::2:30
+;
+; FORMERLY NS1.ISI.EDU
+;
+. 3600000 NS B.ROOT-SERVERS.NET.
+B.ROOT-SERVERS.NET. 3600000 A 192.228.79.201
+;
+; FORMERLY C.PSI.NET
+;
+. 3600000 NS C.ROOT-SERVERS.NET.
+C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12
+;
+; FORMERLY TERP.UMD.EDU
+;
+. 3600000 NS D.ROOT-SERVERS.NET.
+D.ROOT-SERVERS.NET. 3600000 A 199.7.91.13
+D.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2D::D
+;
+; FORMERLY NS.NASA.GOV
+;
+. 3600000 NS E.ROOT-SERVERS.NET.
+E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10
+;
+; FORMERLY NS.ISC.ORG
+;
+. 3600000 NS F.ROOT-SERVERS.NET.
+F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241
+F.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2F::F
+;
+; FORMERLY NS.NIC.DDN.MIL
+;
+. 3600000 NS G.ROOT-SERVERS.NET.
+G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4
+;
+; FORMERLY AOS.ARL.ARMY.MIL
+;
+. 3600000 NS H.ROOT-SERVERS.NET.
+H.ROOT-SERVERS.NET. 3600000 A 128.63.2.53
+H.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:1::803F:235
+;
+; FORMERLY NIC.NORDU.NET
+;
+. 3600000 NS I.ROOT-SERVERS.NET.
+I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17
+I.ROOT-SERVERS.NET. 3600000 AAAA 2001:7FE::53
+;
+; OPERATED BY VERISIGN, INC.
+;
+. 3600000 NS J.ROOT-SERVERS.NET.
+J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30
+J.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:C27::2:30
+;
+; OPERATED BY RIPE NCC
+;
+. 3600000 NS K.ROOT-SERVERS.NET.
+K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129
+K.ROOT-SERVERS.NET. 3600000 AAAA 2001:7FD::1
+;
+; OPERATED BY ICANN
+;
+. 3600000 NS L.ROOT-SERVERS.NET.
+L.ROOT-SERVERS.NET. 3600000 A 199.7.83.42
+L.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:3::42
+;
+; OPERATED BY WIDE
+;
+. 3600000 NS M.ROOT-SERVERS.NET.
+M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33
+M.ROOT-SERVERS.NET. 3600000 AAAA 2001:DC3::35
+; End of File
--- /dev/null
+{%- set def_zones_dir = salt['pillar.get']('bind:default-zones-dir', '/etc/bind') -%}
+//###############################################################
+//# Bind9-Konfigurationsdatei Default zones
+//# /etc/bind/named.conf.default-zones
+//#
+//# Host {{ grains['fqdn'] }}
+//#
+//###############################################################
+
+// prime the server with knowledge of the root servers
+zone "." {
+ type hint;
+ file "{{ def_zones_dir }}/db.root";
+};
+
+// be authoritative for the localhost forward and reverse zones, and for
+// broadcast zones as per RFC 1912
+
+zone "localhost" {
+ type master;
+ file "{{ def_zones_dir }}/db.local";
+};
+
+zone "127.in-addr.arpa" {
+ type master;
+ file "{{ def_zones_dir }}/db.127";
+};
+
+zone "0.in-addr.arpa" {
+ type master;
+ file "{{ def_zones_dir }}/db.0";
+};
+
+zone "255.in-addr.arpa" {
+ type master;
+ file "{{ def_zones_dir }}/db.255";
+};
+
+# vim: ts=4 filetype=named noai
+{%- set def_zones_dir = salt['pillar.get']('bind:default-zones-dir', '/etc/bind') -%}
//###############################################################
//# Bind9-Konfigurationsdatei Default zones RFC 1918
//# /etc/bind/zones.rfc1918
//#
//###############################################################
-zone "10.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
-
-zone "16.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
-zone "17.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
-zone "18.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
-zone "19.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
-zone "20.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
-zone "21.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
-zone "22.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
-zone "23.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
-zone "24.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
-zone "25.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
-zone "26.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
-zone "27.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
-zone "28.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
-zone "29.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
-zone "30.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
-zone "31.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
+zone "10.in-addr.arpa" { type master; file "{{ def_zones_dir }}/db.empty"; };
-zone "168.192.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
+zone "16.172.in-addr.arpa" { type master; file "{{ def_zones_dir }}/db.empty"; };
+zone "17.172.in-addr.arpa" { type master; file "{{ def_zones_dir }}/db.empty"; };
+zone "18.172.in-addr.arpa" { type master; file "{{ def_zones_dir }}/db.empty"; };
+zone "19.172.in-addr.arpa" { type master; file "{{ def_zones_dir }}/db.empty"; };
+zone "20.172.in-addr.arpa" { type master; file "{{ def_zones_dir }}/db.empty"; };
+zone "21.172.in-addr.arpa" { type master; file "{{ def_zones_dir }}/db.empty"; };
+zone "22.172.in-addr.arpa" { type master; file "{{ def_zones_dir }}/db.empty"; };
+zone "23.172.in-addr.arpa" { type master; file "{{ def_zones_dir }}/db.empty"; };
+zone "24.172.in-addr.arpa" { type master; file "{{ def_zones_dir }}/db.empty"; };
+zone "25.172.in-addr.arpa" { type master; file "{{ def_zones_dir }}/db.empty"; };
+zone "26.172.in-addr.arpa" { type master; file "{{ def_zones_dir }}/db.empty"; };
+zone "27.172.in-addr.arpa" { type master; file "{{ def_zones_dir }}/db.empty"; };
+zone "28.172.in-addr.arpa" { type master; file "{{ def_zones_dir }}/db.empty"; };
+zone "29.172.in-addr.arpa" { type master; file "{{ def_zones_dir }}/db.empty"; };
+zone "30.172.in-addr.arpa" { type master; file "{{ def_zones_dir }}/db.empty"; };
+zone "31.172.in-addr.arpa" { type master; file "{{ def_zones_dir }}/db.empty"; };
+
+zone "168.192.in-addr.arpa" { type master; file "{{ def_zones_dir }}/db.empty"; };
# vim: ts=4 filetype=named noai
+{%- set home_dir = salt['pillar.get']('bind:home-dir', '/var/cache/bind') -%}
bind-group:
group.present:
- gid: bind
- fullname: Bind daemon user
- shell: /bin/false
- - home: /var/cache/bind
+ - home: {{ home_dir }}
- system: True
- createhome: False
- require: