+++ /dev/null
-# **NOTE: THIS IS A [PRIVATE](https://github.com/puppetlabs/puppetlabs-stdlib#assert_private) CLASS**
-#
-# This class provides an abstract way to trigger resolved.
-# Each parameters correspond to resolved.conf(5):
-# https://www.freedesktop.org/software/systemd/man/resolved.conf.html
-#
-# @param ensure
-# The state that the ``resolved`` service should be in
-#
-# @param dns
-# A space-separated list of IPv4 and IPv6 addresses to use as system DNS servers.
-# DNS requests are sent to one of the listed DNS servers in parallel to suitable
-# per-link DNS servers acquired from systemd-networkd.service(8) or set at runtime
-# by external applications. requires puppetlabs-inifile
-#
-# @param fallback_dns
-# A space-separated list of IPv4 and IPv6 addresses to use as the fallback DNS
-# servers. Any per-link DNS servers obtained from systemd-networkd take
-# precedence over this setting. requires puppetlabs-inifile
-#
-# @param domains
-# A space-separated list of domains host names or IP addresses to be used
-# systemd-resolved take precedence over this setting.
-#
-# @param llmnr
-# Takes a boolean argument or "resolve".
-#
-# @param multicast_dns
-# Takes a boolean argument or "resolve".
-#
-# @param dnssec
-# Takes a boolean argument or "allow-downgrade".
-#
-# @param cache
-# Takes a boolean argument.
-#
-# @param dns_stub_listener
-# Takes a boolean argument or one of "udp" and "tcp".
-#
-# @param use_stub_resolver
-# Takes a boolean argument. When "false" (default) it uses /var/run/systemd/resolve/resolv.conf
-# as /etc/resolv.conf. When "true", it uses /var/run/systemd/resolve/stub-resolv.conf
-#
-class systemd::resolved (
- Enum['stopped','running'] $ensure = $systemd::resolved_ensure,
- Optional[Variant[Array[String],String]] $dns = $systemd::dns,
- Optional[Variant[Array[String],String]] $fallback_dns = $systemd::fallback_dns,
- Optional[Variant[Array[String],String]] $domains = $systemd::domains,
- Optional[Variant[Boolean,Enum['resolve']]] $llmnr = $systemd::llmnr,
- Optional[Variant[Boolean,Enum['resolve']]] $multicast_dns = $systemd::multicast_dns,
- Optional[Variant[Boolean,Enum['allow-downgrade']]] $dnssec = $systemd::dnssec,
- Boolean $cache = $systemd::cache,
- Optional[Variant[Boolean,Enum['udp', 'tcp']]] $dns_stub_listener = $systemd::dns_stub_listener,
- Boolean $use_stub_resolver = $systemd::use_stub_resolver,
-){
-
- assert_private()
-
- $_enable_resolved = $ensure ? {
- 'stopped' => false,
- 'running' => true,
- default => $ensure,
- }
-
- service { 'systemd-resolved':
- ensure => $ensure,
- enable => $_enable_resolved,
- }
-
- $_resolv_conf_target = $use_stub_resolver ? {
- true => '/run/systemd/resolve/stub-resolv.conf',
- default => '/run/systemd/resolve/resolv.conf',
- }
- file { '/etc/resolv.conf':
- ensure => 'symlink',
- target => $_resolv_conf_target,
- require => Service['systemd-resolved'],
- }
-
- if $dns {
- if $dns =~ String {
- $_dns = $dns
- } else {
- $_dns = join($dns, ' ')
- }
- ini_setting{ 'dns':
- ensure => 'present',
- value => $_dns,
- setting => 'DNS',
- section => 'Resolve',
- path => '/etc/systemd/resolved.conf',
- notify => Service['systemd-resolved'],
- }
- }
-
- if $fallback_dns {
- if $fallback_dns =~ String {
- $_fallback_dns = $fallback_dns
- } else {
- $_fallback_dns = join($fallback_dns, ' ')
- }
- ini_setting{ 'fallback_dns':
- ensure => 'present',
- value => $_fallback_dns,
- setting => 'FallbackDNS',
- section => 'Resolve',
- path => '/etc/systemd/resolved.conf',
- notify => Service['systemd-resolved'],
- }
- }
-
- if $domains {
- if $domains =~ String {
- $_domains = $domains
- } else {
- $_domains = join($domains, ' ')
- }
- ini_setting{ 'domains':
- ensure => 'present',
- value => $_domains,
- setting => 'Domains',
- section => 'Resolve',
- path => '/etc/systemd/resolved.conf',
- notify => Service['systemd-resolved'],
- }
- }
-
- $_llmnr = $llmnr ? {
- true => 'yes',
- false => 'no',
- default => $llmnr,
- }
-
- if $_llmnr {
- ini_setting{ 'llmnr':
- ensure => 'present',
- value => $_llmnr,
- setting => 'LLMNR',
- section => 'Resolve',
- path => '/etc/systemd/resolved.conf',
- notify => Service['systemd-resolved'],
- }
- }
-
- $_multicast_dns = $multicast_dns ? {
- true => 'yes',
- false => 'no',
- default => $multicast_dns,
- }
-
- if $_multicast_dns {
- ini_setting{ 'multicast_dns':
- ensure => 'present',
- value => $_multicast_dns,
- setting => 'MulticastDNS',
- section => 'Resolve',
- path => '/etc/systemd/resolved.conf',
- notify => Service['systemd-resolved'],
- }
- }
-
- $_dnssec = $dnssec ? {
- true => 'yes',
- false => 'no',
- default => $dnssec,
- }
-
- if $_dnssec {
- ini_setting{ 'dnssec':
- ensure => 'present',
- value => $_dnssec,
- setting => 'DNSSEC',
- section => 'Resolve',
- path => '/etc/systemd/resolved.conf',
- notify => Service['systemd-resolved'],
- }
- }
-
- $_cache = $cache ? {
- true => 'yes',
- false => 'no',
- }
-
- if $cache {
- ini_setting{ 'cache':
- ensure => 'present',
- value => $_cache,
- setting => 'Cache',
- section => 'Resolve',
- path => '/etc/systemd/resolved.conf',
- notify => Service['systemd-resolved'],
- }
- }
-
- $_dns_stub_listener = $dns_stub_listener ? {
- true => 'yes',
- false => 'no',
- default => $dns_stub_listener,
- }
-
- if $_dns_stub_listener {
- ini_setting{ 'dns_stub_listener':
- ensure => 'present',
- value => $_dns_stub_listener,
- setting => 'DNSStubListener',
- section => 'Resolve',
- path => '/etc/systemd/resolved.conf',
- notify => Service['systemd-resolved'],
- }
- }
-
-}