diff --git a/REFERENCE.md b/REFERENCE.md index c578b20..3f70008 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -2358,7 +2358,7 @@ Custom type Unbound::Local_zone_type. ##### `config_file` -Data type: `Any` +Data type: `Stdlib::Absolutepath` name of configuration file. diff --git a/manifests/forward.pp b/manifests/forward.pp index f383bb0..380ce2c 100644 --- a/manifests/forward.pp +++ b/manifests/forward.pp @@ -28,9 +28,18 @@ Pattern[/yes|no/] $forward_tls_upstream = 'no', $config_file = $unbound::config_file, ) { + $content = @("CONTENT") + forward-zone: + ${unbound::print_config('name', $zone)} + ${unbound::print_config('forward-addr', $address)} + ${unbound::print_config('forward-host', $host)} + ${unbound::print_config('forward-first', $forward_first)} + ${unbound::print_config('forward-ssl-upstream', $forward_ssl_upstream)} + ${unbound::print_config('forward-tls-upstream', $forward_tls_upstream)} + | CONTENT concat::fragment { "unbound-forward-${name}": order => '20', target => $config_file, - content => template('unbound/forward.erb'), + content => $content.unbound::clean_blank_lines(), } } diff --git a/manifests/localzone.pp b/manifests/localzone.pp index 2f50cc8..653139d 100644 --- a/manifests/localzone.pp +++ b/manifests/localzone.pp @@ -26,15 +26,29 @@ # @param template_name Use a custom template. # define unbound::localzone ( - Unbound::Local_zone_type $type, - String $zone = $name, - $config_file = $unbound::config_file, - Array[Unbound::Resource_record_type] $local_data = [], - String $template_name = 'unbound/local_zone.erb' + Unbound::Local_zone_type $type, + String $zone = $name, + Stdlib::Absolutepath $config_file = $unbound::config_file, + String $template_name = 'unbound/local_zone.erb', + Array[Unbound::Resource_record_type] $local_data = [], ) { + $records = $local_data.map |$record| { + $data = $record['data'] + $_data = $record['type'] ? { + 'TXT' => $data.slice(255).map |$i| { "\"${i.join}\"" }.join, + default => $data, + } + $record_txt = "${record['name']} ${record['ttl']} ${record['class']} ${record['type']} ${_data}".regsubst(/\s+/, ' ', 'G') + " local-data: '${record_txt}'" + }.join("\n") + $content = @("CONTENT") + server: + local-zone: "${zone}" ${type} + ${records} + | CONTENT concat::fragment { "unbound-localzone-${name}": order => '06', target => $config_file, - content => template($template_name), + content => $content, } } diff --git a/manifests/remote.pp b/manifests/remote.pp index ed11a66..d129c3e 100644 --- a/manifests/remote.pp +++ b/manifests/remote.pp @@ -50,10 +50,23 @@ $config_file = $unbound::config_file, $control_setup_path = $unbound::control_setup_path, ) { + $_tls_config = @("CONFIG") + ${unbound::print_config('server-key-file', $server_key_file)} + ${unbound::print_config('server-cert-file', $server_cert_file)} + ${unbound::print_config('control-key-file', $control_key_file)} + ${unbound::print_config('control-cert-file', $control_cert_file)} + | CONFIG + $tls_config = $control_use_cert.bool2str($_tls_config, '') + $content = @("CONFIG") + ${unbound::print_config('control-enable', $enable)} + ${unbound::print_config('control-interface', $interface)} + ${unbound::print_config('control-port', $port)} + ${tls_config} + | CONFIG concat::fragment { 'unbound-remote': order => '10', target => $config_file, - content => template('unbound/remote.erb'), + content => $content.unbound::clean_blank_lines(), } unless $control_setup_path.empty { diff --git a/manifests/stub.pp b/manifests/stub.pp index bb619c2..ff0dc61 100644 --- a/manifests/stub.pp +++ b/manifests/stub.pp @@ -20,7 +20,7 @@ # Controls 'stub-first' stub zone option. # If true, a query that fails with the stub clause is attempted again # without the stub clause. -# @param type +# @param type # can be 'deny', 'refuse', 'static', 'transparent', 'typetransparent', 'redirect' or 'nodefault'. # @param config_file Name of the unbound config file # @@ -37,10 +37,18 @@ ) { include unbound $_config_file = pick($config_file, $unbound::config_file) + $content = @("CONFIG") + stub-zone: + ${unbound::print_config('name', $name)} + ${unbound::print_config('stub-addr', $address)} + ${unbound::print_config('stub-host', $nameservers)} + ${unbound::print_config('stub-first', $stub_first)} + ${unbound::print_config('stub-no-cache', $no_cache)} + | CONFIG concat::fragment { "unbound-stub-${name}": order => '15', target => $_config_file, - content => template('unbound/stub.erb'), + content => $content.unbound::clean_blank_lines, } if str2bool($insecure) == true { diff --git a/spec/defines/stub_spec.rb b/spec/defines/stub_spec.rb index 097b402..aa54c3f 100644 --- a/spec/defines/stub_spec.rb +++ b/spec/defines/stub_spec.rb @@ -20,11 +20,13 @@ it { is_expected.to contain_unbound__stub('lab.example.com') } it { - expect(subject).to contain_concat__fragment('unbound-stub-lab.example.com').with( - content: <<~ZONE + expect(subject).to contain_concat__fragment('unbound-stub-lab.example.com').with_content( + <<~ZONE stub-zone: name: "lab.example.com" - stub-addr: ::1 + stub-addr: "::1" + stub-first: no + stub-no-cache: no ZONE ) } @@ -42,13 +44,15 @@ it { is_expected.to contain_unbound__stub('lab.example.com') } it { - expect(subject).to contain_concat__fragment('unbound-stub-lab.example.com').with( - content: <<~ZONE + expect(subject).to contain_concat__fragment('unbound-stub-lab.example.com').with_content( + <<~ZONE stub-zone: name: "lab.example.com" - stub-addr: 10.0.0.10@10053 - stub-host: ns1.example.com - stub-host: ns2.example.com + stub-addr: "10.0.0.10@10053" + stub-host: "ns1.example.com" + stub-host: "ns2.example.com" + stub-first: no + stub-no-cache: no ZONE ) } @@ -66,11 +70,12 @@ it { is_expected.to contain_unbound__stub('lab.example.com') } it { - expect(subject).to contain_concat__fragment('unbound-stub-lab.example.com').with( - content: <<~ZONE + expect(subject).to contain_concat__fragment('unbound-stub-lab.example.com').with_content( + <<~ZONE stub-zone: name: "lab.example.com" - stub-addr: ::1 + stub-addr: "::1" + stub-first: no stub-no-cache: yes ZONE ) @@ -89,12 +94,13 @@ it { is_expected.to contain_unbound__stub('lab.example.com') } it { - expect(subject).to contain_concat__fragment('unbound-stub-lab.example.com').with( - content: <<~ZONE + expect(subject).to contain_concat__fragment('unbound-stub-lab.example.com').with_content( + <<~ZONE stub-zone: name: "lab.example.com" - stub-addr: ::1 + stub-addr: "::1" stub-first: yes + stub-no-cache: no ZONE ) } @@ -112,11 +118,12 @@ it { is_expected.to contain_unbound__stub('lab.example.com') } it { - expect(subject).to contain_concat__fragment('unbound-stub-lab.example.com').with( - content: <<~ZONE + expect(subject).to contain_concat__fragment('unbound-stub-lab.example.com').with_content( + <<~ZONE stub-zone: name: "lab.example.com" - stub-addr: ::1 + stub-addr: "::1" + stub-first: no stub-no-cache: yes ZONE ) diff --git a/templates/forward.erb b/templates/forward.erb deleted file mode 100644 index 9312ce7..0000000 --- a/templates/forward.erb +++ /dev/null @@ -1,17 +0,0 @@ -forward-zone: - name: "<%= @zone %>" -<% Array(@address).each do |addr| -%> - forward-addr: <%= addr %> -<% end -%> -<% Array(@host).each do |h| -%> - forward-host: <%= h %> -<% end -%> -<% if @forward_first != 'no' -%> - forward-first: <%= @forward_first %> -<% end -%> -<% if @forward_ssl_upstream != 'no' -%> - forward-ssl-upstream: <%= @forward_ssl_upstream %> -<% end -%> -<% if @forward_tls_upstream != 'no' -%> - forward-tls-upstream: <%= @forward_tls_upstream %> -<% end -%> diff --git a/templates/local_zone.erb b/templates/local_zone.erb deleted file mode 100644 index d4fd789..0000000 --- a/templates/local_zone.erb +++ /dev/null @@ -1,15 +0,0 @@ -server: - local-zone: "<%= @zone %>" <%= @type %> - <%- @local_data.each do |resource_record| -%> - <%- rr = resource_record['name'] -%> - <%- rr = "#{rr} #{resource_record['ttl']}" if resource_record['ttl'] -%> - <%- rr = "#{rr} #{resource_record['class']}" if resource_record['class'] -%> - <%- rr = "#{rr} #{resource_record['type']}" -%> - <%- if resource_record['type'] != 'TXT' -%> - <%- rr = "#{rr} #{resource_record['data']}" -%> - local-data: "<%= rr %>" - <%- else -%> - <%- rr = "#{rr} #{(resource_record['data'].scan /.{1,255}/).inject(''){|r, s| "#{r}\"#{s}\""}}" -%> - local-data: '<%= rr %>' - <%- end -%> - <%- end -%> diff --git a/templates/remote.erb b/templates/remote.erb deleted file mode 100644 index 40b676a..0000000 --- a/templates/remote.erb +++ /dev/null @@ -1,25 +0,0 @@ -remote-control: -<% if @enable -%> - control-enable: yes -<% else -%> - control-enable: no -<% end -%> -<% @interface.each do |int| -%> - control-interface: <%= int %> -<% end -%> - control-port: <%= @port %> - -<% if @control_use_cert -%> -<% if @server_key_file -%> - server-key-file: <%= @server_key_file %> -<% end -%> -<% if @server_cert_file -%> - server-cert-file: <%= @server_cert_file %> -<% end -%> -<% if @control_key_file -%> - control-key-file: <%= @control_key_file %> -<% end -%> -<% if @control_cert_file -%> - control-cert-file: <%= @control_cert_file %> -<% end -%> -<% end -%> diff --git a/templates/stub.erb b/templates/stub.erb deleted file mode 100644 index fbc9ccc..0000000 --- a/templates/stub.erb +++ /dev/null @@ -1,14 +0,0 @@ -stub-zone: - name: "<%= @name %>" -<% [@address].flatten.each do |addr| -%> - stub-addr: <%= addr %> -<% end -%> -<% @nameservers.each do |host| -%> - stub-host: <%= host %> -<% end -%> -<% if @stub_first == 'true' or @stub_first == true -%> - stub-first: yes -<% end -%> -<% if @no_cache == 'true' or @no_cache == true -%> - stub-no-cache: yes -<% end -%>