From: Tom Hughes Date: Mon, 13 Mar 2023 20:20:02 +0000 (+0000) Subject: Simplify named configuration X-Git-Url: https://git.openstreetmap.org./chef.git/commitdiff_plain/cefb1fe9134e29ef41a021dc824d291407c94cb6 Simplify named configuration --- diff --git a/cookbooks/bind/attributes/default.rb b/cookbooks/bind/attributes/default.rb deleted file mode 100644 index 9ebc9219e..000000000 --- a/cookbooks/bind/attributes/default.rb +++ /dev/null @@ -1 +0,0 @@ -default[:bind] = {} diff --git a/cookbooks/bind/metadata.rb b/cookbooks/bind/metadata.rb index b7d5437a1..c3e00d349 100644 --- a/cookbooks/bind/metadata.rb +++ b/cookbooks/bind/metadata.rb @@ -6,4 +6,3 @@ description "Configures bind" version "1.0.0" supports "ubuntu" -depends "networking" diff --git a/cookbooks/bind/recipes/default.rb b/cookbooks/bind/recipes/default.rb index 10ab7ce0b..39f0ba2fd 100644 --- a/cookbooks/bind/recipes/default.rb +++ b/cookbooks/bind/recipes/default.rb @@ -17,18 +17,6 @@ # limitations under the License. # -include_recipe "networking" - -clients = search(:node, "roles:#{node[:bind][:clients]}") - -ipv4_clients = clients.collect do |client| - client.ipaddresses(:family => :inet) -end.flatten - -ipv6_clients = clients.collect do |client| - client.ipaddresses(:family => :inet6) -end.flatten - package "bind9" service "named" do @@ -48,7 +36,6 @@ template "/etc/bind/named.conf.options" do owner "root" group "root" mode "644" - variables :ipv4_clients => ipv4_clients, :ipv6_clients => ipv6_clients notifies :restart, "service[named]" end diff --git a/cookbooks/bind/templates/default/named.options.erb b/cookbooks/bind/templates/default/named.options.erb index 2ec4094dc..ac4f32303 100644 --- a/cookbooks/bind/templates/default/named.options.erb +++ b/cookbooks/bind/templates/default/named.options.erb @@ -1,38 +1,11 @@ # DO NOT EDIT - This file is being maintained by Chef -acl "osm" { - 127.0.0.1/32; -<% node.interfaces(:family => :inet).each do |interface| -%> - <%= interface[:network] %>/<%= interface[:prefix] %>; -<% end -%> -<% @ipv4_clients.sort.each do |address| -%> - <%= address %>/32; -<% end -%> - - ::1/128; -<% node.interfaces(:family => :inet6).each do |interface| -%> - <%= interface[:network] %>/<%= interface[:prefix] %>; -<% end -%> -<% @ipv6_clients.sort.each do |address| -%> - <%= address %>/128; -<% end -%> -}; - options { # Directory to use for any working files directory "/var/cache/bind"; -<% if node[:bind][:forwarders] -%> - # Forward any queries we can't answer - forwarders { -<% node[:bind][:forwarders].each do |forwarder| -%> - <%= forwarder %>; -<% end -%> - }; -<% end -%> - # Only allow queries from our machines - allow-query { osm; }; + allow-query { localnets; }; # Don't allow transfers allow-transfer { none; }; diff --git a/roles/fafnir.rb b/roles/fafnir.rb index 6a77bf6e1..2851687d4 100644 --- a/roles/fafnir.rb +++ b/roles/fafnir.rb @@ -2,9 +2,6 @@ name "fafnir" description "Master role applied to fafnir" default_attributes( - :bind => { - :clients => "equinix-dub" - }, :dhcpd => { :first_address => "10.0.79.1", :last_address => "10.0.79.254" diff --git a/roles/ironbelly.rb b/roles/ironbelly.rb index eb6ff6c53..e4ea23262 100644 --- a/roles/ironbelly.rb +++ b/roles/ironbelly.rb @@ -2,9 +2,6 @@ name "ironbelly" description "Master role applied to ironbelly" default_attributes( - :bind => { - :clients => "equinix-ams" - }, :dhcpd => { :first_address => "10.0.63.1", :last_address => "10.0.63.254" diff --git a/roles/ridley.rb b/roles/ridley.rb index 9b4b1f93c..804aace16 100644 --- a/roles/ridley.rb +++ b/roles/ridley.rb @@ -12,9 +12,6 @@ default_attributes( :max_connections_per_child => 10000 } }, - :bind => { - :clients => "ucl" - }, :dhcpd => { :first_address => "10.0.15.1", :last_address => "10.0.15.254"