Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

rocky9 support with postgres backend #185

Open
wants to merge 5 commits into
base: main
Choose a base branch
from
Open

rocky9 support with postgres backend #185

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
9958bd3
feat: redhat 9 support
pdemonaco Mar 9, 2025
0c13c42
fix: permissions on pdns.conf
pdemonaco Mar 9, 2025
44233e7
fix: postgresql schema path on redhat
pdemonaco Mar 9, 2025
3b6721d
maint: initial reference file generation
pdemonaco Mar 10, 2025
4da10f2
feat: move additional redhat repos into hiera
pdemonaco Mar 12, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
913 changes: 913 additions & 0 deletions REFERENCE.md
View file
Open in desktop

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion data/os/RedHat.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
powerdns::db_dir: /var/lib/powerdns
powerdns::db_file: "%{lookup('powerdns::db_dir')}/powerdns.sqlite3"
powerdns::mysql_schema_file: /usr/share/doc/pdns-backend-mysql-4.8.1/schema.mysql.sql
powerdns::pgsql_schema_file: /usr/share/doc/pdns-backend-postgresql-4.8.1/schema.pgsql.sql
powerdns::pgsql_schema_file: /usr/share/doc/pdns-backend-postgresql/schema.pgsql.sql
powerdns::sqlite_schema_file: /usr/share/doc/pdns-backend-sqlite-4.8.1/schema.sqlite.sql
powerdns::mysql_backend_package_name: pdns-backend-mysql
powerdns::ldap_backend_package_name: pdns-backend-ldap
Expand Down
8 changes: 8 additions & 0 deletions data/os/RedHat_CentOS.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
---
powerdns::supporting_repos:
crb:
descr: 'CentOS Linux $releasever - CRB'
enabled: true
gpgcheck: true
gpgkey: 'file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial'
mirrorlist: 'http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=CRB&infra=$infra'
8 changes: 8 additions & 0 deletions data/os/RedHat_CentOS_8.yaml
View file
Open in desktop
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

CentOS 8 is EOL so I don't see a good reason to add this

Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
---
powerdns::supporting_repos:
powertools:
descr: 'CentOS Linux $releasever - PowerTools'
enabled: true
gpgcheck: true
gpgkey: 'file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial'
mirrorlist: 'http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=PowerTools&infra=$infra'
8 changes: 8 additions & 0 deletions data/os/RedHat_Rocky.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
---
powerdns::supporting_repos:
crb:
descr: 'Rocky Linux $releasever - CRB'
enabled: true
gpgcheck: true
gpgkey: 'file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rockyofficial'
mirrorlist: 'https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=CRB-$releasever'
8 changes: 8 additions & 0 deletions data/os/RedHat_Rocky_8.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
---
powerdns::supporting_repos:
powertools:
descr: 'Rocky Linux $releasever - PowerTools'
enabled: true
gpgcheck: true
gpgkey: 'file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rockyofficial'
mirrorlist: 'https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=PowerTools-$releasever'
17 changes: 11 additions & 6 deletions hiera.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,16 +6,21 @@ defaults: # Used for any hierarchy level that omits these keys.
data_hash: yaml_data # Use the built-in YAML backend.

hierarchy:
- name: "osfamily/major release"
- name: "family & name & major release"
paths:
# Used to distinguish between Debian and Ubuntu
- "os/%{facts.os.name}/%{facts.os.release.major}.yaml"
- "os/%{facts.os.family}/%{facts.os.release.major}.yaml"
- "os/%{facts.os.family}_%{facts.os.name}_%{facts.os.release.major}.yaml"
- name: "family & major release"
paths:
# Used to distinguish between Debian and Ubuntu
- "os/%{facts.os.family}_%{facts.os.release.major}.yaml"
# Used for Solaris
- "os/%{facts.os.family}/%{facts.kernelrelease}.yaml"
- name: "osfamily"
- "os/%{facts.os.family}_%{facts.kernelrelease}.yaml"
- name: "family & name"
paths:
- "os/%{facts.os.family}_%{facts.os.name}.yaml"
- name: "family"
paths:
- "os/%{facts.os.name}.yaml"
- "os/%{facts.os.family}.yaml"
- name: 'common'
path: 'common.yaml'
12 changes: 12 additions & 0 deletions manifests/authoritative.pp
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,9 @@
# powerdns::authoritative
#
# @param group
# Name of the group associated with the pdns authoritative service - needed to ensure the config file can be read.
class powerdns::authoritative (
String $group = 'pdns',
) inherits powerdns {
# install the powerdns package
package { $powerdns::authoritative_package_name:
Expand All @@ -10,6 +14,14 @@

include "powerdns::backends::${powerdns::backend}"

file { $powerdns::authoritative_config:
ensure => 'file',
owner => 'root',
group => $group,
mode => '0640',
Comment on lines +20 to +21
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This might potentially break things on other distributions, if the group is missing or it's not running under this group or root.

Copy link
Contributor

@ju5t ju5t Mar 11, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Also, does this mean PowerDNS does not create a config anymore during installation?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Config file will still be installed with the package installation, but managing it like that isn't going to work. It will definitely break on other distros

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Interesting. I can't speak to what the behavior is on other distros, however, the file was created with 0600 permissions on Rocky 9.5 in my testing.

I'll rework it so this change only applies on Rocky9 or perhaps Redhat 9 generally.

before => Service['pdns'],
}

service { 'pdns':
ensure => running,
name => $powerdns::authoritative_service_name,
Expand Down
4 changes: 4 additions & 0 deletions manifests/init.pp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,9 @@
# Records database will be split into this number of shards
# @param lmdb_sync_mode
# Sync mode for LMDB. One of 'nosync', 'sync', 'nometasync', 'mapasync'
# @param supporting_repos
# Additional repos that include dependencies for pdns on this OS. Currently
# only used by RedHat derivatives
#
class powerdns (
String[1] $authoritative_package_name,
Expand Down Expand Up @@ -65,6 +68,7 @@
Hash $forward_zones = {},
Powerdns::Autoprimaries $autoprimaries = {},
Boolean $purge_autoprimaries = false,
Hash[String,Hash] $supporting_repos = {}
) {
# Do some additional checks. In certain cases, some parameters are no longer optional.
if $authoritative {
Expand Down
21 changes: 5 additions & 16 deletions manifests/repo.pp
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# powerdns::repo
class powerdns::repo inherits powerdns {
class powerdns::repo {
# The repositories of PowerDNS use a version such as '40' for version 4.0
# and 41 for version 4.1.
$authoritative_short_version = regsubst($powerdns::authoritative_version, /^(\d+)\.(\d+)(?:\.\d+)?$/, '\\1\\2', 'G')
Expand All @@ -14,21 +14,10 @@
Yumrepo['powerdns'] -> Package <| title == $powerdns::authoritative_package_name |>
Yumrepo['powerdns-recursor'] -> Package <| title == $powerdns::recursor_package_name |>

if ($facts['os']['name'] == 'Rocky') {
$mirrorlist = "https://mirrors.rockylinux.org/mirrorlist?arch=\$basearch&repo=PowerTools-\$releasever"
$gpgkey = 'file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rockyofficial'
} else {
$mirrorlist = "http://mirrorlist.centos.org/?release=\$releasever&arch=\$basearch&repo=PowerTools&infra=\$infra"
$gpgkey = 'file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial'
}

yumrepo { 'powertools':
ensure => 'present',
descr => 'PowerTools',
mirrorlist => $mirrorlist,
enabled => 'true',
gpgkey => $gpgkey,
gpgcheck => 'true',
$powerdns::supporting_repos.each |$repo_name, $repo_data| {
yumrepo { $repo_name:
* => $repo_data,
}
}

yumrepo { 'powerdns':
Expand Down
3 changes: 1 addition & 2 deletions metadata.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,8 +33,7 @@
{
"operatingsystem": "CentOS",
"operatingsystemrelease": [
"8",
"9"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why drop 9? It should really be the only version since 8 is EOL.

"8"
]
},
{
Expand Down
52 changes: 42 additions & 10 deletions spec/classes/powerdns_init_spec.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -115,16 +115,40 @@
case facts[:osfamily]
when 'RedHat'
it { is_expected.to contain_package('yum-plugin-priorities') } if facts[:operatingsystemmajrelease].to_i < 8
it { is_expected.to contain_yumrepo('powertools') } if facts[:operatingsystemmajrelease].to_i >= 8
if facts[:operatingsystem] != 'Rocky' && facts[:operatingsystemmajrelease].to_i >= 8
it {
is_expected.to contain_yumrepo('powertools').with('mirrorlist' => 'http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=PowerTools&infra=$infra')
}
end
if facts[:operatingsystem] == 'Rocky' && facts[:operatingsystemmajrelease].to_i >= 8
it {
is_expected.to contain_yumrepo('powertools').with('mirrorlist' => 'https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=PowerTools-$releasever')
}
case facts[:operatingsystemmajrelease]
when '8'
it { is_expected.to contain_yumrepo('powertools') }
if facts[:operatingsystem] != 'Rocky'
it {
is_expected.to contain_yumrepo('powertools').with(
'mirrorlist' => 'http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=PowerTools&infra=$infra',
)
}
end
if facts[:operatingsystem] == 'Rocky'
it {
is_expected.to contain_yumrepo('powertools').with(
'mirrorlist' => 'https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=PowerTools-$releasever',
)
}
end
when '9'
it { is_expected.to contain_yumrepo('crb') }
if facts[:operatingsystem] == 'Rocky'
it {
is_expected.to contain_yumrepo('crb').with(
'mirrorlist' => 'http://mirrorlist.rockylinux.org/mirrorlist?arch=$basearch&repo=CRB-$releasever',
'descr' => "#{facts[:operatingsystem]} Linux $releasever - CRB",
)
}
else
it {
is_expected.to contain_yumrepo('crb').with(
'mirrorlist' => 'http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=CRB&infra=$infra',
'descr' => "#{facts[:operatingsystem]} Linux $releasever - CRB",
)
}
end
end
it { is_expected.to contain_yumrepo('powerdns') }
it { is_expected.to contain_yumrepo('powerdns').with('baseurl' => 'http://repo.powerdns.com/centos/$basearch/$releasever/auth-48') }
Expand Down Expand Up @@ -154,6 +178,14 @@
it { is_expected.to contain_service('pdns').with('enable' => 'true') }
it { is_expected.to contain_service('pdns').with('name' => authoritative_service_name) }
it { is_expected.to contain_service('pdns').that_requires("Package[#{authoritative_package_name}]") }
it 'creates the pdns.conf file' do
is_expected.to contain_file(authoritative_config).with(
ensure: 'file',
owner: 'root',
group: 'pdns',
mode: '0640',
).that_comes_before('Service[pdns]')
end
end

context 'powerdns class with epel' do
Expand Down