Initial Pillar support in dnsmasq-formula
eshelman committed Jan 6, 2014
1 parent 6152a74 commit 91597e4
Showing 4 changed files with 83 additions and 23 deletions.
34 changes: 26 additions & 8 deletions dnsmasq/files/dnsmasq.conf
@@ -1,3 +1,9 @@
{%- set dnsmasq = pillar.get('dnsmasq', {}) %}
#
# This file is managed by salt.
# Modify the config that generates this file instead of dnsmasq.conf.
#
#
# Configuration file for dnsmasq.
#
# Format is one option per line, legal options are the same
@@ -7,7 +13,11 @@
# Listen on this specific port instead of the standard DNS port
# (53). Setting this to zero completely disables DNS function,
# leaving only DHCP and/or TFTP.
{% if dnsmasq.port is number %}
port={{ dnsmasq.port }}
{% else %}
#port=5353
{% endif %}

# The following two options make you a better netizen, since they
# tell dnsmasq to filter out queries which the public DNS cannot
@@ -16,9 +26,17 @@
# these requests from bringing up the link unnecessarily.

# Never forward plain names (without a dot or domain part)
{% if dnsmasq.domain_needed %}
domain-needed
{% else %}
#domain-needed
{% endif %}
# Never forward addresses in the non-routed address spaces.
{% if dnsmasq.bogus_priv %}
bogus-priv
{% else %}
#bogus-priv
{% endif %}


# Uncomment this to filter useless windows-originated DNS requests
@@ -171,11 +189,11 @@
#dhcp-range=1234::2, 1234::500, 64, 12h

# Do Router Advertisements, BUT NOT DHCP for this subnet.
#dhcp-range=1234::, ra-only
#dhcp-range=1234::, ra-only

# Do Router Advertisements, BUT NOT DHCP for this subnet, also try and
# add names to the DNS for the IPv6 address of SLAAC-configured dual-stack
# hosts. Use the DHCPv4 lease to derive the name, network segment and
# add names to the DNS for the IPv6 address of SLAAC-configured dual-stack
# hosts. Use the DHCPv4 lease to derive the name, network segment and
# MAC address and assume that the host will also have an
# IPv6 address calculated using the SLAAC alogrithm.
#dhcp-range=1234::, ra-names
@@ -198,9 +216,9 @@
#dhcp-range=1234::, ra-stateless, ra-names

# Do router advertisements for all subnets where we're doing DHCPv6
# Unless overriden by ra-stateless, ra-names, et al, the router
# Unless overriden by ra-stateless, ra-names, et al, the router
# advertisements will have the M and O bits set, so that the clients
# get addresses and configuration from DHCPv6, and the A bit reset, so the
# get addresses and configuration from DHCPv6, and the A bit reset, so the
# clients don't use SLAAC addresses.
#enable-ra

@@ -266,11 +284,11 @@
# any machine with Ethernet address starting 11:22:33:
#dhcp-host=11:22:33:*:*:*,set:red

# Give a fixed IPv6 address and name to client with
# Give a fixed IPv6 address and name to client with
# DUID 00:01:00:01:16:d2:83:fc:92:d4:19:e2:d8:b2
# Note the MAC addresses CANNOT be used to identify DHCPv6 clients.
# Note also the they [] around the IPv6 address are obilgatory.
#dhcp-host=id:00:01:00:01:16:d2:83:fc:92:d4:19:e2:d8:b2, fred, [1234::5]
#dhcp-host=id:00:01:00:01:16:d2:83:fc:92:d4:19:e2:d8:b2, fred, [1234::5]

# Ignore any clients which are not specified in dhcp-host lines
# or /etc/ethers. Equivalent to ISC "deny unknown-clients".
@@ -326,7 +344,7 @@
# Send DHCPv6 option. Note [] around IPv6 addresses.
#dhcp-option=option6:dns-server,[1234::77],[1234::88]

# Send DHCPv6 option for namservers as the machine running
# Send DHCPv6 option for namservers as the machine running
# dnsmasq and another.
#dhcp-option=option6:dns-server,[::],[1234::88]

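Review bot: The `{% if dnsmasq.port is number %}` guard in the port hunk falls through to the commented `#port=5353` for any non-numeric pillar value, so a quoted `port: "5353"` is dropped without an error and dnsmasq stays on its default port. Jinja's `number` test also accepts booleans and floats, which would render a `port=` line that dnsmasq is unlikely to accept. A value that is set but invalid should be visible rather than ignored; at minimum add a template comment such as `{#- dnsmasq:port must be an unquoted integer in pillar; any other value leaves the dnsmasq default in place -#}`. The same silent fallback applies to `domain_needed` and `bogus_priv` in the following hunk, where an absent key renders the option commented out.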
41 changes: 26 additions & 15 deletions dnsmasq/init.sls
@@ -1,28 +1,39 @@
dnsmasq:
pkg:
- installed
service:
- running
- enable: True
- require:
- pkg: dnsmasq
- watch:
- file: /etc/dnsmasq.conf
- file: /etc/dnsmasq.d
# Include :download:`map file <map.jinja>` of OS-specific package names and
# file paths. Values can be overridden using Pillar.
{% from "dnsmasq/map.jinja" import dnsmasq with context %}
/etc/dnsmasq.conf:
{% if salt['pillar.get']('dnsmasq:dnsmasq_conf') %}
dnsmasq_conf:
file.managed:
- source: salt://dnsmasq/files/dnsmasq.conf
- name: {{ dnsmasq.dnsmasq_conf }}
- source: {{ salt['pillar.get']('dnsmasq:dnsmasq_conf', 'salt://dnsmasq/files/dnsmasq.conf') }}
- user: root
- group: root
- mode: 644
- template: jinja
- require:
- pkg: dnsmasq
/etc/dnsmasq.d:
dnsmasq_conf_dir:
file.recurse:
- source: salt://dnsmasq/files/dnsmasq.d
- name: {{ dnsmasq.dnsmasq_conf_dir }}
- source: {{ salt['pillar.get']('dnsmasq:dnsmasq_conf_dir', 'salt://dnsmasq/files/dnsmasq.d') }}
- template: jinja
- require:
- pkg: dnsmasq
{% endif %}
dnsmasq:
pkg:
- installed
service:
- running
- name: {{ dnsmasq.service }}
- enable: True
- require:
- pkg: dnsmasq
{% if salt['pillar.get']('dnsmasq:dnsmasq_conf') %}
- watch:
- file: dnsmasq_conf
- file: dnsmasq_conf_dir
{% endif %}
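Review bot: Both file states and the service's `watch` are gated on `salt['pillar.get']('dnsmasq:dnsmasq_conf')` alone, so a minion without that pillar key apparently gets neither `/etc/dnsmasq.conf` nor `/etc/dnsmasq.d` managed, and setting only `dnsmasq:dnsmasq_conf_dir` has no effect. Inside the guard, the fallbacks `'salt://dnsmasq/files/dnsmasq.conf'` and `'salt://dnsmasq/files/dnsmasq.d'` on the `source` lines can never be used, because the key is already known to be set. If unmanaged-by-default is intended, a comment above the guard should say so, e.g. `# Config files are only managed when dnsmasq:dnsmasq_conf is set in pillar`; otherwise drop the guard so the `pillar.get` defaults apply, and gate the directory state on its own key. The `file.recurse` state also sets no `user`, `group`, `file_mode` or `dir_mode`, unlike the `file.managed` state above it, so ownership and permissions under the config directory are left to defaults.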
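--- a/dnsmasq/map.jinja
+++ b/dnsmasq/map.jinja
@@ -0,0 +1,18 @@
+{% set map = {
+'Debian': {
+'service': 'dnsmasq',
+'dnsmasq_conf': '/etc/dnsmasq.conf',
+'dnsmasq_conf_dir': '/etc/dnsmasq.d',
+},
+'RedHat': {
+'service': 'dnsmasq',
+'dnsmasq_conf': '/etc/dnsmasq.conf',
+'dnsmasq_conf_dir': '/etc/dnsmasq.d',
+},
+} %}
+
+{% if grains.get('saltversion', '').startswith('0.17') %}
+{% set dnsmasq = salt['grains.filter_by'](map, merge=salt['pillar.get']('dnsmasq:lookup')) %}
+{% else %}
+{% set dnsmasq = map.get(grains.os_family) %}
+{% endif %}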
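Review bot: The `startswith('0.17')` test sends every Salt release whose version string does not begin with 0.17 down the `else` branch, where `map.get(grains.os_family)` ignores the `dnsmasq:lookup` pillar and returns `None` for any OS family other than Debian or RedHat. init.sls then reads `dnsmasq.dnsmasq_conf`, `dnsmasq.dnsmasq_conf_dir` and `dnsmasq.service` from that value, so an unlisted family presumably fails at render time or renders empty names rather than reporting an unsupported platform. The `else` branch should say what it covers and what it drops, e.g. `{# Only Debian and RedHat are mapped; other os_family values yield None and dnsmasq:lookup is not merged on this path #}`. An explicit fallback mapping would be safer than `None` if other families are meant to work.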
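--- a/pillar.example
+++ b/pillar.example
@@ -0,0 +1,13 @@
+# Example settings for dnsmasq.
+dnsmasq:
+dnsmasq_conf: salt://dnsmasq/files/dnsmasq.conf
+dnsmasq_conf_dir: salt://dnsmasq/files/dnsmasq.d
+
+# Port to listen on. Setting this to zero completely disables DNS function,
+# leaving only DHCP and/or TFTP.
+port: 53
+
+# Require full domain name? (including a dot and domain part)
+domain_needed: False
+# Never forward addresses in the non-routed address spaces?
+bogus_priv: False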
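Review bot: The example sets `domain_needed: False` and `bogus_priv: False`, and the dnsmasq.conf template renders both options commented out for those values, so a pillar copied from this file forwards plain names and lookups for non-routed address ranges to the upstream resolver. Example files tend to be copied as-is, so I would ship `True` for both, or add a line such as `# Set both to True unless upstream must see plain names and private-range lookups`. Separately, `dnsmasq_conf` and `dnsmasq_conf_dir` here are `salt://` source URLs, while init.sls takes the target paths from map.jinja under the same key names. A comment like `# Source of the managed file (not the destination path)` would make that distinction clear.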
