Try to make resolv.conf options actual class parameters
authorPeter Palfrader <peter@palfrader.org>
Tue, 10 Sep 2019 17:13:02 +0000 (19:13 +0200)
committerPeter Palfrader <peter@palfrader.org>
Tue, 10 Sep 2019 17:13:02 +0000 (19:13 +0200)
22 files changed:
hieradata/common.yaml
hieradata/hosters/1und1-sec.yaml
hieradata/hosters/accumu.yaml
hieradata/hosters/br.yaml
hieradata/hosters/brainfood.yaml
hieradata/hosters/bytemark.yaml
hieradata/hosters/csail.yaml
hieradata/hosters/gatech.yaml
hieradata/hosters/grnet.yaml
hieradata/hosters/leaseweb.yaml
hieradata/hosters/man-da.yaml
hieradata/hosters/rapidswitch.yaml
hieradata/hosters/sanger.yaml
hieradata/hosters/sil.yaml
hieradata/hosters/ubc.yaml
hieradata/hosters/ugent.yaml
hieradata/hosters/ynic.yaml
hieradata/hosters/zivit.yaml
modules/puppetmaster/lib/puppet/parser/functions/nodeinfo.rb
modules/resolv/manifests/init.pp
modules/resolv/templates/resolv.conf.erb
modules/unbound/manifests/init.pp

index 3bb245d..4a224b4 100644 (file)
@@ -2,14 +2,13 @@
 
 lookup_options:
   # with merge: unique entries in other hiera sources add to the array
-  resolv_conf::searchpaths:
+  resolv::searchpaths:
     merge: unique
   apt::sources::debian::location:
     merge: unique
 
-nameservers: []
-resolv_conf::searchpaths: ['debian.org']
-resolv_conf::resolvoptions: []
+resolv::resolv::nameservers: []
+resolv::searchpaths: ['debian.org']
 allow_dns_query: []
 role_config__mirrors:
   mirror_basedir_prefix: '/srv/mirrors/'
index d50afc0..7f79bda 100644 (file)
@@ -1,3 +1,3 @@
 ---
-resolv_conf::searchpaths:
+resolv::searchpaths:
   - debprivate-oneandone.debian.org
index 250a27d..00e677b 100644 (file)
@@ -1,11 +1,11 @@
 ---
-nameservers:
+resolv::nameservers:
   - 130.239.18.251
   - 2001:6b0:e:2018::251
   - 130.239.18.252
   - 2001:6b0:e:2018::252
   - 130.239.1.90
   - 130.239.4.100
-resolv_conf::searchpaths:
+resolv::searchpaths:
   - priv.accumu.debian.org
   - debprivate-accumu.debian.org
index 970c10b..0e757a7 100644 (file)
@@ -1,5 +1,5 @@
 ---
-nameservers:
+resolv::nameservers:
   - 200.236.31.1
   - 200.17.202.3
 firewall_blocks_dns: true
index 76f8ad5..5b20028 100644 (file)
@@ -1,3 +1,3 @@
 ---
-resolv_conf::searchpaths:
+resolv::searchpaths:
   - debprivate-brainfood.debian.org
index b56399c..4b6165d 100644 (file)
@@ -1,5 +1,5 @@
 ---
-nameservers:
+resolv::nameservers:
   - 5.153.231.241
   - 5.153.231.242
 allow_dns_query:
index a7f225c..4b7e8d3 100644 (file)
@@ -1,9 +1,9 @@
 ---
-nameservers:
+resolv::nameservers:
   - 128.30.2.24
   - 128.30.2.25
   - 128.30.0.125
-resolv_conf::searchpaths:
+resolv::searchpaths:
   - priv.csail.debian.org
 # currently only used by VMs with systemd-timesync
 local-timeservers:
index 6f0ae31..8fec431 100644 (file)
@@ -1,5 +1,5 @@
 ---
-nameservers:
+resolv::nameservers:
   - 143.215.130.231
   - 143.215.130.232
 
index d12caeb..4d5d9f5 100644 (file)
@@ -1,8 +1,8 @@
 ---
-nameservers:
+resolv::nameservers:
   - 62.217.126.164
   - 194.177.210.210
-resolv_conf::searchpaths:
+resolv::searchpaths:
   - debprivate-grnet.debian.org
 # currently only used by VMs with systemd-timesync
 local-timeservers:
index 4c52247..32f8775 100644 (file)
@@ -1,5 +1,5 @@
 ---
-nameservers:
+resolv::nameservers:
   - 85.17.150.123
   - 85.17.96.69
   - 85.17.150.123
index 6200b3f..682709a 100644 (file)
@@ -1,11 +1,11 @@
 ---
-nameservers:
+resolv::nameservers:
   - 82.195.75.109
   - 82.195.75.103
 allow_dns_query:
   - 82.195.75.64/26
   - 172.29.180.0/24
-resolv_conf::searchpaths:
+resolv::searchpaths:
   - manda.debian.org
   - priv.manda.debian.org
 # currently only used by VMs with systemd-timesync
index 88e5b1d..384b39c 100644 (file)
@@ -1,5 +1,5 @@
 ---
-nameservers:
+resolv::nameservers:
   - 87.117.198.200
   - 87.117.237.100
   - 87.117.196.200
index fe56acb..21b8d90 100644 (file)
@@ -1,8 +1,8 @@
 ---
-nameservers:
+resolv::nameservers:
   - 193.62.202.28
   - 193.62.202.29
-resolv_conf::searchpaths:
+resolv::searchpaths:
   - debprivate-sanger.debian.org
 allow_dns_query:
   - 193.62.202.24/29
index cf6aec8..36ade36 100644 (file)
@@ -1,3 +1,3 @@
 ---
-resolv_conf::searchpaths:
+resolv::searchpaths:
   - priv.sil.debian.org
index 885436f..0c5d379 100644 (file)
@@ -1,5 +1,5 @@
 ---
-nameservers:
+resolv::nameservers:
   # ubc-enc2bl02
   - 209.87.16.2
   - 2607:f8f0:614:1::1274:2
@@ -9,7 +9,7 @@ nameservers:
   # ubc-enc2bl10
   - 209.87.16.10
   - 2607:f8f0:614:1::1274:10
-resolv_conf::searchpaths:
+resolv::searchpaths:
   - debprivate-ubc.debian.org
   - priv.ubc.debian.org
 allow_dns_query:
index 0787a52..11317fc 100644 (file)
@@ -1,3 +1,3 @@
 ---
-nameservers:
+resolv::nameservers:
   - 157.193.40.42
index 79864bc..5c63d6b 100644 (file)
@@ -1,5 +1,5 @@
 ---
-nameservers:
+resolv::nameservers:
   - 144.32.169.74
   - 144.32.169.75
   - 144.32.169.76
index dbbc601..a411182 100644 (file)
@@ -1,5 +1,5 @@
 ---
-nameservers:
+resolv::nameservers:
   - 80.245.147.141
   - 80.245.147.142
   - 80.245.147.143
index 31ba385..384c7d9 100644 (file)
@@ -52,7 +52,7 @@ module Puppet::Parser::Functions
         nodeinfo['misc']['v6_ldap'] = nodeinfo['ldap']['ipHostNumber'].select { |x| IPAddr.new(x).ipv6? }
       end
 
-      ns = call_function('hiera',['nameservers'])
+      ns = call_function('hiera',['resolv::nameservers'])
       allow_dns_q = call_function('hiera',['allow_dns_query'])
       if ns.empty?
         # no nameservers known for this hoster
index c2a741d..9de974a 100644 (file)
@@ -1,14 +1,28 @@
-class resolv {
+class resolv(
+  Array[Stdlib::IP::Address] $nameservers = [],
+  Array[String] $searchpaths = [],
+  Array[String] $resolvoptions = [],
+) {
 
-       $nameservers = $facts['unbound'] ? {
-               true    => ['127.0.0.1'],
-               default => lookup('nameservers'),
-       }
+  $ns = $facts['unbound'] ? {
+    true    => ['127.0.0.1'],
+    default => $nameservers,
+  }
 
-       $searchpaths = lookup('resolv_conf::searchpaths')
-       $resolvoptions = lookup('resolv_conf::resolvoptions')
+  file { '/etc/resolv.conf':
+      content => template('resolv/resolv.conf.erb');
+  }
 
-       file { '/etc/resolv.conf':
-                       content => template('resolv/resolv.conf.erb');
-       }
+  file { '/etc/dhcp/dhclient-enter-hooks.d/puppet-no-resolvconf':
+    content  => @("EOF"),
+                   make_resolv_conf() {
+                     :
+                   }
+                   | EOF
+    mode => '555',
+    ensure => ($dhclient and $unbound) ? {
+      true     => 'present',
+      false    => 'absent',
+    }
+  }
 }
index 6e02dbb..9d4e8f8 100644 (file)
@@ -5,7 +5,7 @@
 
 
 <%
-nameservers = @nameservers
+nameservers = @ns
 
 if nameservers.empty?
   scope.function_warning(["Something has gone wrong writing resolv.conf.  No nameservers to use - using google's!"])
index ec37dfa..72f9a37 100644 (file)
@@ -13,7 +13,7 @@ class unbound {
        $client_ranges = hiera('allow_dns_query')
        $firewall_blocks_dns = hiera('firewall_blocks_dns', false)
        $empty_client_range = empty($client_ranges)
-       $ns            = hiera('nameservers')
+       $ns            = hiera('resolv::nameservers')
 
        package { 'unbound':
                ensure => installed