66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
|
# File 'modules/dnsdist/manifests/init.pp', line 66
class dnsdist (
Dnsdist::Resolver $resolver,
Dnsdist::TLS_common $tls_common,
Dnsdist::TLS_config $tls_config_doh,
Dnsdist::TLS_config $tls_config_dot,
Boolean $enable_wikidough = true,
Array[String[1]] $doh_paths = ['/', '/dns-query'],
Boolean $enable_packetcache = true,
Integer[1] $packetcache_max = 10000000,
Integer[0] $ringbuffer_max = 0,
Integer[1] $tcp_client_threads_max = 20,
Boolean $enable_console = false,
Optional[String] $console_key = undef,
Boolean $enable_webserver = false,
Boolean $drop_querytype_any = true,
Optional[Dnsdist::Webserver_config] $webserver = undef,
Boolean $enable_ecs = true,
Boolean $enable_landing = false,
Optional[String] $landing_text = undef,
Dnsdist::Http_headers $custom_headers = {},
) {
if ($enable_console and $console_key == undef) {
fail('Console access is enabled but no key was set.')
}
if ($enable_webserver and $webserver == undef) {
fail('Web server access is enabled but no configuration was set.')
}
apt::package_from_component { 'dnsdist':
component => 'component/dnsdist',
}
file { '/etc/dnsdist/dnsdist.conf':
ensure => 'present',
require => Package['dnsdist'],
owner => 'root',
group => '_dnsdist',
mode => '0440',
content => template('dnsdist/dnsdist.conf.erb'),
validate_cmd => '/usr/bin/dnsdist --check-config --config %',
}
systemd::service { 'dnsdist':
ensure => present,
override => true,
restart => true,
content => template('dnsdist/dnsdist-systemd-override.conf.erb'),
require => [
Package['dnsdist'],
File['/etc/dnsdist/dnsdist.conf'],
],
service_params => {
restart => '/bin/systemctl reload dnsdist.service',
enable => true,
},
}
}
|