UNPKG

masson

Version:

Module execution engine for cluster deployments.

github.com/adaltas/node-masson

adaltas/node-masson

133 lines (106 loc) 3.73 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
# Bind Server Install export default header: 'Bind Server Install', handler: ({options}) -> ## Users & Groups By default, the "bind" package create the following entries: ```bash cat /etc/passwd | grep named named:x:25:25:Named:/var/named:/sbin/nologin cat /etc/group | grep named named:x:25: ``` @system.group options.group @system.user options.user ## IPTables | Service | Port | Proto | Parameter | |------------|------|-------|-----------------| | named | 53 | tcp | - | | named | 53 | upd | - | IPTables rules are only inserted if the parameter "iptables.action" is set to "start" (default value). @tools.iptables header: 'IPTables' rules: [ { chain: 'INPUT', jump: 'ACCEPT', dport: options.port, protocol: 'tcp', state: 'NEW', comment: "Named" } { chain: 'INPUT', jump: 'ACCEPT', dport: options.port, protocol: 'udp', state: 'NEW', comment: "Named" } ] if: options.iptables ## Install The packages "bind" is installed as a startup item and not yet installed. @service header: 'Install' name: 'bind' srv_name: 'named' startup: true @system.tmpfs if_os: name: ['redhat','centos'], version: '7' mount: '/run/named' name: 'named' perm: '0750' uid: options.user.name gid: options.group.name ## Configure Update the "/etc/named.conf" file by modifying the commenting the listen-on port and setting "allow-query" to any. The "named" service is restarted if modified. @file header: 'Configure' target: '/etc/named.conf' mode: 0o644 write: [ # Comment listen-on port match: /^(\s+)(listen\-on port.*)$/mg replace: '$1#$2' , # Set allow-query to any match: /^(\s+allow\-query\s*\{)(.*)(\};\s*)$/mg replace: '$1 any; $3' ] @service header: 'Restart' srv_name: 'named' state: 'restarted' if: -> @status -1 ## Zones Upload the zones definition files provided in the configuration file. @call header: 'Zones', handler: -> @file target: '/etc/named.conf' write: for zone in options.zones # /^zone "hadoop" IN \{[\s\S]*?\n\}/gm.exec f match: RegExp "^zone \"#{quote path.basename zone}\" IN \\{[\\s\\S]*?\\n\\};", 'gm' replace: """ zone "#{path.basename zone}" IN { type master; file "#{path.basename zone}"; allow-update { none; }; }; """ append: true mode: 0o750 @file ( source: zone local: true mode: 0o644 uid: options.user.name gid: options.group.name target: "/var/named/#{path.basename zone}" ) for zone in options.zones ## rndc Key Generates configuration files for rndc. @call header: 'rndc Key', handler: -> @system.execute cmd: 'rndc-confgen -a -r /dev/urandom -c /etc/rndc.key' unless_exists: '/etc/rndc.key' @system.chown target: '/etc/rndc.key' uid: options.user.name gid: options.group.name @service srv_name: 'named' state: 'restarted' if: -> @status() ## Module Dependencies path = require 'path' quote = require 'regexp-quote' ## Resources * [Centos installation](https://www.digitalocean.com/community/articles/how-to-install-the-bind-dns-server-on-centos-6) * [Forward configuration](http://gleamynode.net/articles/2267/)