Merge pull request thias#65 from inkblot/defaults-not-params

Turn `params` into `defaults` and formalize it

data/common.yaml

@@ -1,10 +1,11 @@
 ---
-bind::params::supported: false
+bind::defaults::supported: false
+bind::defaults::random_device: '/dev/random'
+bind::defaults::rndc: true
 
 bind::forwarders: ''
 bind::dnssec: true
 bind::version: ''
-bind::random_device: '/dev/random'
 bind::include_local: false
 
 bind::updater::keydir: '/etc/nsupdate-keys'

data/osfamily/Debian.yaml

@@ -1,13 +1,12 @@
 ---
-bind::params::supported: true
-bind::params::bind_user: 'bind'
-bind::params::bind_group: 'bind'
-bind::params::bind_package: 'bind9'
-bind::params::bind_service: 'bind9'
-bind::params::nsupdate_package: 'dnsutils'
-bind::params::confdir: '/etc/bind'
-bind::namedconf: '/etc/bind/named.conf'
-bind::cachedir: '/var/cache/bind'
-bind::rndc: true
+bind::defaults::supported: true
+bind::defaults::bind_user: 'bind'
+bind::defaults::bind_group: 'bind'
+bind::defaults::bind_package: 'bind9'
+bind::defaults::bind_service: 'bind9'
+bind::defaults::nsupdate_package: 'dnsutils'
+bind::defaults::confdir: '/etc/bind'
+bind::defaults::namedconf: '/etc/bind/named.conf'
+bind::defaults::cachedir: '/var/cache/bind'
 
 bind::updater::keydir: '/etc/bind/keys'

data/osfamily/RedHat.yaml

@@ -1,14 +1,13 @@
 ---
-bind::params::supported: true
-bind::params::bind_user: 'named'
-bind::params::bind_group: 'named'
-bind::params::bind_package: 'bind'
-bind::params::bind_service: 'named'
-bind::params::nsupdate_package: 'bind-utils'
-bind::params::managed_keys_directory: '/var/named/dynamic'
-bind::params::confdir: '/etc/named'
-bind::namedconf: '/etc/named.conf'
-bind::cachedir: '/var/named'
-bind::rndc: true
+bind::defaults::supported: true
+bind::defaults::bind_user: 'named'
+bind::defaults::bind_group: 'named'
+bind::defaults::bind_package: 'bind'
+bind::defaults::bind_service: 'named'
+bind::defaults::nsupdate_package: 'bind-utils'
+bind::defaults::managed_keys_directory: '/var/named/dynamic'
+bind::defaults::confdir: '/etc/named'
+bind::defaults::namedconf: '/etc/named.conf'
+bind::defaults::cachedir: '/var/named'
 
 bind::updater::keydir: '/etc/named/keys'

manifests/defaults.pp

@@ -0,0 +1,19 @@
+# ex: syntax=puppet si ts=4 sw=4 et
+
+class bind::defaults (
+    $supported              = undef,
+    $confdir                = undef,
+    $namedconf              = undef,
+    $cachedir               = undef,
+    $random_device          = undef,
+    $bind_user              = undef,
+    $bind_group             = undef,
+    $bind_package           = undef,
+    $bind_service           = undef,
+    $nsupdate_package       = undef,
+    $managed_keys_directory = undef,
+) {
+    unless $supported {
+        fail('Platform is not supported')
+    }
+}

manifests/init.pp

@@ -1,17 +1,14 @@
 # ex: syntax=puppet si ts=4 sw=4 et
 
 class bind (
-    $namedconf       = undef,
-    $cachedir        = undef,
-    $forwarders      = undef,
-    $dnssec          = undef,
-    $version         = undef,
+    $forwarders      = '',
+    $dnssec          = true,
+    $version         = '',
     $rndc            = undef,
     $statistics_port = undef,
-    $random_device   = undef,
-    $include_local   = undef,
-) inherits bind::params {
-    $auth_nxdomain = false
+    $auth_nxdomain   = false,
+    $include_local   = false,
+) inherits bind::defaults {
 
     File {
         ensure  => present,

manifests/key.pp

@@ -5,13 +5,13 @@
     $secret_bits = 256,
     $algorithm   = 'hmac-sha256',
     $owner       = 'root',
-    $group       = $bind::params::bind_group,
+    $group       = $::bind::defaults::bind_group,
     $keydir      = $::bind::keydir::keydir,
     $keyfile     = undef,
     $include     = true,
 ) {
-    include bind::params
-    $confdir = $::bind::params::confdir
+    # Pull some platform defaults into the local scope
+    $confdir = $::bind::defaults::confdir
 
     # Generate a key of size $secret_bits if no $secret
     $secret_actual = $secret ? {
@@ -45,7 +45,7 @@
 
         concat::fragment { "bind-key-${name}":
             order   => '10',
-            target  => "${bind::params::confdir}/keys.conf",
+            target  => "${confdir}/keys.conf",
             content => "include \"${keydir}/${key_file_name}\";\n",
         }
     }

manifests/updater.pp

@@ -2,7 +2,7 @@
 
 class bind::updater (
     $keydir = undef,
-) inherits bind::params {
+) inherits bind::defaults {
 
     if $nsupdate_package {
         package { 'nsupdate':

manifests/zone.pp

@@ -21,8 +21,13 @@
 ) {
     # where there is a zone, there is a server
     include bind
-    $cachedir = $::bind::cachedir
-    $random_device = $::bind::random_device
+
+    # Pull some platform defaults into the local scope
+    $cachedir = $::bind::defaults::cachedir
+    $random_device = $::bind::defaults::random_device
+    $bind_user = $::bind::defaults::bind_user
+    $bind_group = $::bind::defaults::bind_group
+
     $_domain = pick($domain, $name)
 
     unless !($masters != '' and ! member(['slave', 'stub'], $zone_type)) {
@@ -75,17 +80,17 @@
     if member(['init', 'managed', 'allowed'], $zone_file_mode) {
         file { "${cachedir}/${name}":
             ensure  => directory,
-            owner   => $::bind::params::bind_user,
-            group   => $::bind::params::bind_group,
+            owner   => $bind_user,
+            group   => $bind_group,
             mode    => '0755',
             require => Package['bind'],
         }
 
         if member(['init', 'managed'], $zone_file_mode) {
             file { "${cachedir}/${name}/${_domain}":
                 ensure  => present,
-                owner   => $::bind::params::bind_user,
-                group   => $::bind::params::bind_group,
+                owner   => $bind_user,
+                group   => $bind_group,
                 mode    => '0644',
                 replace => ($zone_file_mode == 'managed'),
                 source  => pick($source, 'puppet:///modules/bind/db.empty'),
@@ -96,7 +101,7 @@
         if $zone_file_mode == 'managed' {
             exec { "rndc reload ${_domain}":
                 command     => "/usr/sbin/rndc reload ${_domain}",
-                user        => $::bind::params::bind_user,
+                user        => $bind_user,
                 refreshonly => true,
                 require     => Service['bind'],
                 subscribe   => File["${cachedir}/${name}/${_domain}"],
@@ -113,7 +118,7 @@
             command => "/usr/local/bin/dnssec-init '${cachedir}' '${name}'\
                 '${_domain}' '${key_directory}' '${random_device}' '${nsec3_salt}'",
             cwd     => $cachedir,
-            user    => $::bind::params::bind_user,
+            user    => $bind_user,
             creates => "${cachedir}/${name}/${_domain}.signed",
             timeout => 0, # crypto is hard
             require => [
@@ -123,8 +128,8 @@
         }
 
         file { "${cachedir}/${name}/${_domain}.signed":
-            owner => $::bind::params::bind_user,
-            group => $::bind::params::bind_group,
+            owner => $bind_user,
+            group => $bind_group,
             mode  => '0644',
             audit => [ content ],
         }
@@ -133,7 +138,7 @@
     file { "${::bind::confdir}/zones/${name}.conf":
         ensure  => present,
         owner   => 'root',
-        group   => $::bind::params::bind_group,
+        group   => $bind_group,
         mode    => '0644',
         content => template('bind/zone.conf.erb'),
         notify  => Service['bind'],

spec/fixtures/hiera/common.yaml

@@ -1,3 +1,3 @@
 ---
-bind::params::confdir: '_CONFDIR_'
-bind::namedconf: '_NAMEDCONF_'
+bind::defaults::confdir: '_CONFDIR_'
+bind::defaults::namedconf: '_NAMEDCONF_'