A cookbook to manage bind DNS servers, and zones Support views,acl,master/slave using keys and many other options.

This is a 'library' cookbook, so in order to get the most out of it you will need to have a wrapper cookbook

This cookbook relays on attributes defined in the wrapper cookbook.

node['bind9']['channel'] Will be used to configure the channels like rndc or statistics-channels. the name of the channel should be specify as a hash and it will contain array of config parameters for example:

default['bind9']['channel']['controls'][1]['inet'] = "127.0.0.1"
default['bind9']['channel']['controls'][1]['port'] = "953"
default['bind9']['channel']['controls'][1]['allow'] = "any"
default['bind9']['channel']['controls'][1]['keys'] = "rndc-key"

node['bind9']['keys'] Will be used to configure the bind keys expample :

default['bind9']['keys']['rndc']['algorithm'] = "hmac-md5"
default['bind9']['keys']['rndc']['secret'] = "T8/uYW+mMHzpZLtMC4Vpdw=="

ATTENTION! since rndc is critical for bind operation (init script is using it to stop and reload the server) we generated a key and used it as default. PLEASE CHANEG THE KEY BEFORE USING IT!!! here is a link that explains how it can be done http://www.cyberciti.biz/faq/unix-linux-bind-named-configuring-tsig/

node['bind9']['log'] Will be used to configure the logs and has tow main parts. the Default log parameter for all categories, it should be defined with attribute ['bind9']['log']['logdflt'][PARAMTER] The defaults are:

default['bind9']['logdflt']['version'] = "versions 4 size 100m"
default['bind9']['logdflt']['severity'] = "dynamic"
default['bind9']['logdflt']['print-category'] = "yes"
default['bind9']['logdflt']['print-severity'] = "yes"
default['bind9']['logdflt']['print-time'] = "yes"

Changes in the logdflt section will affect all other channels unless the log channel will specify it. The second part of the log attributes is the log channel. channel must have the following attribute

default['bind9']['log'][CHANNLE NAME]['channel']=
default['bind9']['log'][CHANNLE NAME]['logfile']=

here is an example

default['bind9']['log']['queries']['channel']= "queries_file"
default['bind9']['log']['queries']['logfile'] = "queries.log"
default['bind9']['log']['queries']['categorychannle'] = "null"

More information about bind logs can be found in here: http://www.zytrax.com/books/dns/ch7/logging.html

node['bind9']['options'] Will be used for a configuration in the option section in bind. Attribute can be a key value pair when the key will be the option name and the value will be used as the value or an Array when the key will be used as the option name and the value will be set bind section for this option example default['bind9']['options']['dnssec-validation'] = "auto" will be translate to dnssec-validation auto; in bind default['bind9']['options']['listen-on'] = ['1.1.1.1','2.2.2.2'] will be translate to

listen-on {
1.1.1.1;
2.2.2.2;
};

keep in maind that if the value sould be quoted in bind the value should be quoted in the attribute as well, for example default['bind9']['options']['directory'] = '"/var/named"' will translated to directory "/var/named"

node['bind9']['acl'] Is a hash of acls that contains an Array of ips All ACLs will be inputted to named. conf.acl in the bind config directory. for example :

node['bind9']['acl']= {
	"interal" : ['10/8','192.168/16'],
	"external" : ['any']
}

views can be used per domain , and should be defined on the provider By default we asuume you have an ACL for every view - so the default match-clients acl will be the view name . if you want to define a differnat acl to a view use the attribute node['bind9']['viewacl'][NAME OF THE VIEW] = ACLNAME for example - by default view internal look like this

view "internal-view" {
	match-clients { internal; };
		.
		.
	  DOMAINS
		.
		.
	};

if you want to use office ACL for the view then you should set up node['bind9']['viewacl']['internal'] = 'office'

view "internal-view" {
	match-clients { office; };
		.
		.
	  DOMAINS
		.
		.
	};

Just include the cookbook in your metadata set up the attribute and use the bind9_zone provider to create a new zone for example:

bind9_ng_zone "Domain name" do
  email
  nameserver
  type
  ip
  view
end

The options are : domain - Doman Name ttl - The ttl value for the domain :default => 86400 email - Hosmaster Email to use for the SOA record view - The view the domain should be included , leave empty if you don't want to use views type - Type of domain right now we onlt support master and forward :default => "master" ip - if type= forward the ip address of the forward dnss should be specify here

refresh - define SOA refresh default => 3600 retry - define SOA retry default => 900 expire - define SOA expire default => 604800 neg_ttl - define the neg_ttl default => 3600 nameserver NS record for the domain mailserver - define the mailserver that will be used by the zone hosts - A hash of hosts and ip address that will configure for the domain