Provides resources for installing and configuring both PowerDNS authoritative and recursor. It uses the official PowerDNS repositories for packages and installs the appropiate configuration for your platform's init system.
When upgrading to the 6.x series, please pay special attention to your config and service resources which use the instance_name
property. We have introduced a new virtual
property to the config and service resources to more clearly mark them as a virtual instance versus the default one configured via the install resource. If you used instance_name ''
to refer to the default instance, you can safely remove this property or leave it as-is. If you do use another name, then you will want to set virtual true
in your config and service resources.
We have also changed the behavior of the socket_dir
property on the service resources because it was incorrectly setup. It will be removed in a future release as it is a source of confusion (and bug) and a more advanced option for very specific use cases.
Operating systems like Ubuntu 18.04 and greater that ship with systemd-resolved configured to run by default will need this disabled and to manually configure your resolv.conf if you are running PowerDNS Authoritative on default ports. You can look at the test cookbook for a simple example of how to handle this.
- Ubuntu 14.04 and newer
- Debian 8 and newer
- RHEL 7 and newer
- CentOS 6.9 and newer
- Chef 13 or newer
- SysV
- systemd
Combine the different resources in order to install, configure, and manage your PowerDNS instances. This is a list of resouces that can be used:
Resource | Functionality |
---|---|
pdns_authoritative_install | Installs an authoritative server |
pdns_authoritative_config | Configures an authoritative instance |
pdns_authoritative_service | Manages an authoritative instance |
pdns_recursor_install | Installs a recusor |
pdns_recursor_config | Configures a recursor instance  |
pdns_recursor_service | Manages a a recursor instance |
To fully configure an authoritative server you need to add at least 3 resources to your recipe, pdns_authoritative_install
, pdns_authoritative_config
and pdns_authoritative_service
. If you want to install any backend other than the default (bind) for the authoritative server you need to install the corresponding packages for the backend you want. There is an example for a postgresql backend in test/cookbooks/pdns_test/recipes/
.
For a recursor use the pdns_recursor_install
, pdns_recursor_config
, and pdns_recursor_service
resources in your wrapper cookbooks to install, configure, and define PowerDNS recursors. Set the different properties on the resources according to your install and configuration needs. You can see a good example of this in test/cookbooks/pdns_test/recipes_recursor_install_single.rb
For advanced use it is recommended to take a look at the chef resources themselves.
If you wish to create multiple running copies of PowerDNS via Virtual Configurations you can set the virtual property on both the config and service resources. The name of the virtual instance will default to either the name of the resource or the 'instance_name' value of the resource if it is set. PowerDNS parses the name of the instance by breaking apart the first hyphen it sees so all virtual service names start with the service type and a hyphen. For example:
pdns_authoritative_config 'server_01' do
virtual true
launch ['gpgsql']
variables(
gpgsql_host: '127.0.0.1',
gpgsql_user: 'pdns',
gpgsql_port: 5432,
gpgsql_dbname: 'pdns',
gpgsql_password: 'wadus'
)
action :create
end
pdns_authoritative_service 'service_01' do
virtual true
action [:enable, :start]
end
Will create a file named /etc/powerdns/pdns-server_01.conf
:
launch ['gpgsql']
gpgsql-host=127.0.0.1
gpgsql-user=pdns
gpgsql-port=5432
gpgsql-dbname=pdns
gpgsql-password=wadus
And a service named pdns-server_01
which is symbolically linked linked to pdns
if you are using SysVinit.
Most properties are simple ruby strings, but there is another cases that require special attention. Properties specified as elements in arrays will be split up (see split ruby method) and separated by commas. Boolean properties will be always translated to 'yes' or 'no'. Some properties need to be set consistently accross resources, they will be noted in their specific sections at the top under 'Consistent?'. Most of the properties are optional and have sane defaults, so they are only recommended for customized installs.
Installs PowerDNS authoritative server 4.1.x series using PowerDNS official repository in the supported platforms.
Name | Type | Default value |
---|---|---|
version | String | '' |
series | String | '41' |
debug | true, false | false |
allow_upgrade | true, false | false |
backends | Array | nil |
Note: When specifying the backends, the name of the backend must match the repository package. For example, in Debian systems the Postgresql backend is actually named pgsql
while on RHEL systems it is postgresql
. Consider using the value_for_platform
if you are installing on multiple platforms. There is an example of this technique in the test folder cookbook recipe.
Install the latest 4.1.x series PowerDNS Authoritative Server
pdns_authoritative_install 'server_01'
Install the latest 4.0.x series PowerDNS Authoritative Server
pdns_authoritative_install 'server_01' do
series '40'
end
Install and upgrade to the latest 4.0.x PowerDNS Authoritative Server release
pdns_authoritative_install 'server_01' do
series '40'
allow_upgrade true
end
Install the latest 4.1.x series PowerDNS Authoritative Server with the MySQL and Lua backends
pdns_authoritative_install 'server_01' do
series '41'
backends ['mysql', 'lua']
end
Creates a PowerDNS recursor configuration, there is a fixed set of required properties (listed below) but most of the configuration is left to the user freely, every property set in the variables
hash property will be rendered in the config template. Remember that using underscores _
for property names is required and it's translated to hyphens -
in configuration templates.
Name | Class | Default value | Consistent? |
---|---|---|---|
instance_name | String | name_property | Yes |
virtual | Boolean | false | No |
launch | Array, nil | ['bind'] | No |
config_dir | String | see default_authoritative_config_directory helper method |
Yes |
socket_dir | String | "/var/run/#{resource.instance_name}" | Yes |
run_group | String | see default_authoritative_run_user helper method |
No |
run_user | String | see default_authoritative_run_user helper method |
No |
run_user_home | String | see default_user_attributes helper method |
No |
run_user_shell | String | see default_user_attributes helper method |
No |
setuid | String | resource.run_user | No |
setgid | String | resource.run_group | No |
source | String,nil | 'authoritative_service.conf.erb' | No |
cookbook | String,nil | 'pdns' | No |
variables | Hash | { bind_config: "#{resource.config_dir}/bindbackend.conf" } | No |
Create a PowerDNS authoritative configuration file named server-01
:
pdns_authoritative_config 'server_01' do
virtual true
launch ['gpgsql']
variables(
gpgsql_host: '127.0.0.1',
gpgsql_user: 'pdns',
gpgsql_port: 5432,
gpgsql_dbname: 'pdns',
gpgsql_password: 'wadus',
allow_axfr_ips: [ '127.0.0.0/8', '::1', '195.234.23,34'],
api: true,
api-_eadonly: true
)
action :create
end
Creates a service to manage a PowerDNS authoritative instance. This service supports all the regular actions (start, stop, restart, etc.). Check the compatibility section to see which init services are supported.
Important: services are not restarted or reloaded automatically on config changes in this cookbook, you need to add this in your wrapper cookbook if you desire this functionality, the pdns_authoritative_service
cookbook provides actions to do it.
Name | Class | Default value | Consistent? |
---|---|---|---|
instance_name | String | name_property | Yes |
virtual | Boolean | false | No |
cookbook | String | 'pdns' | No |
source | String | 'authoritative.init.debian.erb' | No |
config_dir | String | See default_authoritative_config_directory helper method |
Yes |
socket_dir | String | "/var/run/#{instance_name}" | Yes |
variables | Hash | {} | No |
To enable and start the default PowerDNS Authoritative server
pdns_authoritative_service 'default' do
action [:enable, :start]
end
To enable and start a virtual PowerDNS instance called 'server_01'
pdns_authoritative_service 'server_01' do
virtual true
action [:enable, :start]
end
Installs PowerDNS recursor 4.1.x series using PowerDNS official repository in the supported platforms.
Name | Type | Default value |
---|---|---|
version | String | '' |
series | String | '41' |
debug | true, false | false |
allow_upgrade | true, false | false |
Install the latest 4.1.x release PowerDNS recursor
pdns_recursor_install 'latest_4_1_x_recursor'
Install the latest 4.0.x release PowerDNS recursor
pdns_recursor_install 'my_recursor' do
series '40'
end
Install and upgrade to the latest 4.0.x PowerDNS recursor release
pdns_recursor_install 'my_recursor' do
series '40'
allow_upgrade true
end
Sets up a PowerDNS recursor instance using the appropiate init system .
Important: services not restarted or reloaded automatically on config changes in this cookbook, you need to add this in your wrapper cookbook if you desire this functionality, the pdns_recursor_service
cookbook provides actions to do it.
Name | Class | Default value |
---|---|---|
instance_name | String | Resource name |
virtual | Boolean | false |
config_dir | String | see default_recursor_config_directory helper method |
cookbook (SysVinit) | String,nil | 'pdns' |
source (SysVinit) | String,nil | 'recursor.init.#{node['platform_family']}.erb' |
variables (SysVinit) | Hash | {} |
config_dir
: Path of the recursor configuration directory.cookbook
: Cookbook for a custom configuration template (Applied only when using SysVinit).source
: Name of the recursor custom template (Applied only when using SysVinit).variables
: Variables hash to pass to the sysvinit template
Disable the default PowerDNS recursor install service
pdns_recursor_service 'default' do
action [:disable, :stop]
end
Configure a virtual PowerDNS recursor service instance named 'my_recursor' in your wrapper cookbook for Acme Corp with a custom template named my-recursor.erb
pdns_recursor_service 'my_recursor' do
virtual true
source 'my-recursor.erb'
cookbook 'acme-pdns-recursor'
end
Creates a PowerDNS recursor configuration.
Name | Class | Default value |
---|---|---|
instance_name | String | Resource name |
virtual | Boolean | false |
config_dir | String | see default_recursor_config_directory helper method |
socket_dir | String | /var/run/#{resource.instance_name} |
run_group | String | see default_recursor_run_user helper method |
run_user | String | see default_recursor_run_user helper method |
run_user_home | String | see default_user_attributes helper method |
run_user_shell | String | see default_user_attributes helper method |
setuid | String | resource.run_user |
setgid | String | resource.run_group |
source | String, nil | 'recursor_service.conf.erb' |
cookbook | String, nil | 'pdns' |
variables | Hash | {} |
virtual
: Is this a virtual instance or the default?config_dir
: Path of the recursor configuration directory.socket_dir
: Directory where sockets are created.source
: Name of the recursor custom template.socket_dir
: Directory where sockets are created.cookbook
: Cookbook for a custom configuration templatevariables
: Variables for the configuration template.run_group
: Unix group that runs the recursor.run_user
: Unix user that runs the recursor.run_user_home
: Home of the Unix user that runs the recursor.run_user_shell
: Shell of the Unix user that runs the recursor.
Customize the default recursor installation and change it's port to 54:
pdns_recursor_config 'default' do
variables(
'local-port' => '54'
)
end
Create a PowerDNS recursor configuration named 'my_recursor' in your wrapper cookbook for Acme Corp which uses a custom template named my-recursor.erb
and a few attributes:
pdns_recursor_config 'my_recursor' do
virtual true
source 'my-recursor.erb'
cookbook 'acme-pdns-recursor'
variables(client-tcp-timeout: '20', loglevel: '5', network-timeout: '2000')
end
PowerDNS supports virtual hosting: running many instances of PowerDNS on different ports on the same machine. This is done by a few clever hacks on the init scripts that allow to specify different config files for each instance. This cookbook leverages this functionality in both recursor and authoritative.
PowerDNS recommends a specific naming schema authoritative for virtual hosting. Specifically it does not allow hyphens (-) on the init scripts beyond the first which is provided by the init script (/etc/init.d/pdns-
).
We have adopted the convention of using underscores (_) in the name attributes of underscores in order to comply with this requirement.
There is an specific file for contributing guidelines on this cokbook: CONTRIBUTING.md
There is an specific file for testing guidelines on this cokbook: TESTING.md
Copyright (c) 2010-2014, Chef Software, Inc Copyright (c) 2014-2020, DNSimple Corporation
Licensed under the Apache License, Version 2.0.