saltstack-formulas · ixs · May 3, 2019 · May 3, 2019 · May 3, 2019 · javierbertoli
@@ -83,6 +83,18 @@ bind_config:
     - watch_in:
       - service: bind
 
+{%- if salt['pillar.get']('bind:config:enable_logging') is not none %}
+bind_local_config_deprecated_logging:
+  test.show_notification:
+    - text: Pillar data contains enable_logging. This parameter is deprecated and has been renamed enable_query_log.
+{%- endif %}
+
+{%- if (salt['pillar.get']('bind:config:enable_logging') or salt['pillar.get']('bind:config:enable_query_log')) and salt['pillar.get']('bind:config:use_extensive_logging') %}
+bind_local_config_logging_extensive_fail:
+  test.fail_without_changes:
+    - name: Pillar data uses enable_logging/enable_query_log and use_extensive_logging. These are mutually exclusive.
+{%- endif %}
+
 bind_local_config:
   file.managed:
     - name: {{ map.local_config }}

@@ -132,10 +132,10 @@ view {{ view }} {
 };
 {%- endfor %}
 
-{%- if salt['pillar.get']('bind:config:enable_logging', True) %}
 {%- if salt['pillar.get']('bind:config:use_extensive_logging', False) %}
 include "{{ map.logging_config }}";
-{% else %}
+{#- bind:config:enable_logging is deprecated. TODO: Remove the or part of the condition below after a while. #}
+{% elif salt['pillar.get']('bind:config:enable_query_log', False) or salt['pillar.get']('bind:config:enable_logging', False) %}
 logging {
   channel "querylog" {
     file "{{ map.log_dir }}/query.log";
@@ -144,7 +144,6 @@ logging {
   category queries { querylog; };
 };
 {%- endif %}
-{%- endif %}
 
 {%- if salt['pillar.get']('bind:controls', False) %}
 controls {

@@ -35,6 +35,7 @@
         'zones_source_dir': 'zones',
         'config': '/etc/named.conf',
         'local_config': '/etc/named.conf.local',
+        'logging_config': '/etc/named/logging.conf',
         'default_config': '/etc/sysconfig/named',
         'named_directory': '/var/named',
         'chroot_dir': '',
@@ -63,6 +64,7 @@
         'zones_source_dir': 'zones',
         'config': '/etc/named.conf',
         'local_config': '/etc/named.conf.local',
+        'logging_config': '/etc/named.conf.logging',
         'named_directory': '/var/named',
         'chroot_dir': '',
         'log_dir': '/var/log/named',
@@ -102,6 +104,7 @@
         'zones_source_dir': 'zones',
         'config': '/etc/named.conf',
         'local_config': '/etc/named.d/named.conf.local',
+        'logging_config': '/etc/named.d/logging.conf',
         'default_config': '/etc/sysconfig/named',
         'named_directory': '/var/lib/named',
         'chroot_dir': '/var/lib/named',

@@ -28,10 +28,10 @@ bind:
     user: root                                    # File & Directory user
     group: named                                  # File & Directory group
     mode: 640                                     # File & Directory mode
-    enable_logging: true                          # Enable basic query logging
-    use_extensive_logging:                        # Enable extensive config for logging. Partial example. For proposed settings please refer to
-      channel:                                    # https://kb.isc.org/article/AA-01526/0/BIND-Logging-some-basic-recommendations.html
-        default_log:
+    enable_query_log: true                        # Enable basic query logging in $log_dir/query.log
+    use_extensive_logging:                        # Alternatively, enable much more extensive config for logging.
+      channel:                                    # Partial example. For proposed settings please refer to
+        default_log:                              # https://kb.isc.org/article/AA-01526/0/BIND-Logging-some-basic-recommendations.html
           file: default                           
           size: '200m'                            # size of a individual file (default 20m)
           versions: '10'                          # how many files will be stored (default 3)

@@ -147,7 +147,7 @@
     # Match 100.51.198 reverse zone from pillar
     its('content') { should match /^zone\ "100\.51\.198\.in-addr\.arpa"\ {\n\ \ type\ master;\n\ \ file\ "#{zones_directory}\/100\.51\.198\.in-addr\.arpa";\n\ \ \n\ \ notify\ no;\n\};/ }
     # Match logging
-    its('content') { should match /^logging\ \{\n\ \ channel\ "querylog"\ {\n\ \ \ \ file\ "#{log_directory}\/query\.log";\n\ \ \ \ print-time\ yes;\n\ \ \};\n\ \ category\ queries\ \{\ querylog;\ \};\n\};/ }
+    its('content') { should_not match /^logging\ \{\n\ \ channel\ "querylog"\ {\n\ \ \ \ file\ "#{log_directory}\/query\.log";\n\ \ \ \ print-time\ yes;\n\ \ \};\n\ \ category\ queries\ \{\ querylog;\ \};\n\};/ }
     # Match acl1
     its('content') { should match /acl\ client1\ \{\n\ \ 127\.0\.0\.0\/8;\n\ \ 10\.20\.0\.0\/16;\n\};/ }
     # Match acl2