{"id":19249259,"url":"https://github.com/sous-chefs/bind","last_synced_at":"2025-04-21T12:31:28.982Z","repository":{"id":3517400,"uuid":"4575630","full_name":"sous-chefs/bind","owner":"sous-chefs","description":"Development repository for the bind cookbook","archived":false,"fork":false,"pushed_at":"2024-02-01T00:02:36.000Z","size":385,"stargazers_count":36,"open_issues_count":5,"forks_count":48,"subscribers_count":21,"default_branch":"main","last_synced_at":"2024-04-14T06:09:21.879Z","etag":null,"topics":["bind","chef","chef-cookbook","chef-resource","hacktoberfest","managed-by-terraform"],"latest_commit_sha":null,"homepage":"https://supermarket.chef.io/cookbooks/bind","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/sous-chefs.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null},"funding":{"open_collective":"sous-chefs"}},"created_at":"2012-06-06T17:29:18.000Z","updated_at":"2024-04-17T03:38:25.085Z","dependencies_parsed_at":"2023-09-24T06:58:48.958Z","dependency_job_id":"c24ad70e-144f-473f-8dcf-fbeb9746e7b8","html_url":"https://github.com/sous-chefs/bind","commit_stats":{"total_commits":267,"total_committers":23,"mean_commits":"11.608695652173912","dds":0.7752808988764045,"last_synced_commit":"93a24dfe74c32d25010c93194cffa2366af0c882"},"previous_names":[],"tags_count":42,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sous-chefs%2Fbind","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sous-chefs%2Fbind/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sous-chefs%2Fbind/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sous-chefs%2Fbind/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/sous-chefs","download_url":"https://codeload.github.com/sous-chefs/bind/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":223193698,"owners_count":17103785,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bind","chef","chef-cookbook","chef-resource","hacktoberfest","managed-by-terraform"],"created_at":"2024-11-09T18:13:26.678Z","updated_at":"2024-11-09T18:13:27.209Z","avatar_url":"https://github.com/sous-chefs.png","language":"Ruby","readme":"# bind Cookbook\n\n[![Cookbook Version](https://img.shields.io/cookbook/v/selnux.svg)](https://supermarket.chef.io/cookbooks/bind)\n[![CI State](https://github.com/sous-chefs/bind/workflows/ci/badge.svg)](https://github.com/sous-chefs/bind/actions?query=workflow%3Aci)\n[![OpenCollective](https://opencollective.com/sous-chefs/backers/badge.svg)](#backers)\n[![OpenCollective](https://opencollective.com/sous-chefs/sponsors/badge.svg)](#sponsors)\n[![License](https://img.shields.io/badge/License-Apache%202.0-green.svg)](https://opensource.org/licenses/Apache-2.0)\n\n## Description\n\nA chef cookbook to manage BIND servers and zones.\n\n## Requirements\n\nThis cookbook follows the library pattern. To use the cookbook effectively you'll need a wrapper cookbook that uses the resources provided in this cookbook.\n\nA default recipe is provided. It only provides a basic recursive name server.\n\n### Platforms\n\n- CentOS/RHEL 7+\n- Debian 10+\n- Ubuntu 18.04+\n\n### Chef\n\n- Chef 15.3+\n\n## Attributes\n\nMost attributes have been removed in favour of custom resources. See the [MIGRATION.md](MIGRATION.md) document.\n\n## Resources\n\nThe following resources are provided:\n\n- [bind_acl](documentation/bind_acl.md)\n- [bind_config](documentation/bind_config.md)\n- [bind_forward_zone](documentation/bind_forward_zone.md)\n- [bind_key](documentation/bind_key.md)\n- [bind_linked_zone](documentation/bind_linked_zone.md)\n- [bind_logging_category](documentation/bind_logging_category.md)\n- [bind_logging_channel](documentation/bind_logging_channel.md)\n- [bind_primary_zone](documentation/bind_primary_zone.md)\n- [bind_primary_zone_template](documentation/bind_primary_zone_template.md)\n- [bind_secondary_zone](documentation/bind_secondary_zone.md)\n- [bind_server](documentation/bind_server.md)\n- [bind_service](documentation/bind_service.md)\n- [bind_stub_zone](documentation/bind_stub_zone.md)\n- [bind_view](documentation/bind_view.md)\n\n## Usage\n\nUsing custom resources leads to a quite flexible configuration, but requires a little bit more work in a wrapper cookbook to use. The following examples are presented here:\n\n- Internal recursive nameserver\n- Authoritative primary nameserver\n- Authoritative secondary nameserver\n- Using views for internal recursion and external authoritative name service\n\n### Internal recursive nameserver\n\n```ruby\nbind_service 'default' do\n  action [:create, :start]\nend\n\nbind_config 'default' do\n  ipv6_listen true\n  options [\n    'check-names slave ignore',\n    'multi-master yes',\n    'provide-ixfr yes',\n    'recursive-clients 10000',\n    'request-ixfr yes',\n    'allow-notify { acl-dns-masters; acl-dns-slaves; }',\n    'allow-query { example-lan; localhost; }',\n    'allow-query-cache { example-lan; localhost; }',\n    'allow-recursion { example-lan; localhost; }',\n    'allow-transfer { acl-dns-masters; acl-dns-slaves; }',\n    'allow-update-forwarding { any; }',\n  ]\nend\n\nbind_acl 'acl-dns-masters' do\n  entries [\n    '! 10.1.1.1',\n    '10/8'\n  ]\nend\n\nbind_acl 'acl-dns-slaves' do\n  entries [\n    'acl-dns-masters'\n  ]\nend\n\nbind_acl 'example-lan' do\n  entries [\n    '10.2/16',\n    '10.3.2/24',\n    '10.4.3.2'\n  ]\nend\n```\n\n### Authoritative primary nameserver\n\nThere are two ways to create primary zone files with this cookbook. The first is by providing a complete zone file that is placed in the correct directory (and is added to the nameserver configuration by using the `bind_primary_zone` resource). The second way is by using the `bind_primary_zone_template` resource. To use this you need to provide an array of hashes containing the records you want to be added to the zone file.\n\nThe following example has both options shown. In a wrapper cookbook add the code below with appropriate modifications.\n\nYou'll need to configure the ACL entries (and names) for the example-lan and acl-dns-masters ACLs for your local configuration.\n\nYou will also need to arrange for the zone files to be placed in the configured location (which is OS dependent by default).\n\nResource style:\n\n```ruby\nbind_service 'default' do\n  action [:create, :start]\nend\n\nbind_config 'default' do\n  ipv6_listen true\n  options [\n    'recursion no',\n    'allow-query { any; }',\n    'allow-transfer { external-private-interfaces; external-dns; }',\n    'allow-notify { external-private-interfaces; external-dns; localhost; }',\n    'listen-on-v6 { any; }'\n  ]\nend\n\nbind_acl 'external-private-interfaces' do\n  entries [\n  ]\nend\n\nbind_acl 'external-dns' do\n  entries [\n  ]\nend\n\ncookbook_file '/var/named/primary/db.example.com' do\n  owner 'named'\n  group 'named'\n  mode '0440'\n  action :create\nend\n\nbind_primary_zone 'example.com'\n\nbind_primary_zone_template 'example.org' do\n  soa serial: 100\n  default_ttl 200\n  records [\n    { type: 'NS', rdata: 'ns1.example.org.' },\n    { type: 'NS', rdata: 'ns2.example.org.' },\n    { type: 'MX', rdata: '10 mx1.example.org.' },\n    { type: 'MX', rdata: '20 mx1.example.org.' },\n    { owner: 'www', type: 'A', ttl: 20, rdata: '10.5.0.1' },\n    { owner: 'ns1', type: 'A', ttl: 20, rdata: '10.5.1.1' },\n    { owner: 'ns2', type: 'A', ttl: 20, rdata: '10.5.2.1' },\n    { owner: 'mx1', type: 'A', ttl: 20, rdata: '10.5.1.100' },\n    { owner: 'mx2', type: 'A', ttl: 20, rdata: '10.5.2.100' },\n  ]\nend\n```\n\n### Authoritative secondary nameserver\n\nIn a wrapper cookbook add the code below with appropriate modifications.\n\nYou'll need to configure the ACL entries (and names) for the example-lan and acl-dns-masters ACLs for your local configuration.\n\n```ruby\nbind_service 'default' do\n  action [:create, :start]\nend\n\nbind_config 'default' do\n  ipv6_listen true\n  options [\n    'recursion no',\n    'allow-query { any; }',\n    'allow-transfer { external-private-interfaces; external-dns; }',\n    'allow-notify { external-private-interfaces; external-dns; localhost; }',\n    'listen-on-v6 { any; }'\n  ]\nend\n\nbind_acl 'acl-dns-masters' do\n  entries [\n    '! 10.1.1.1',\n    '10/8'\n  ]\nend\n\nbind_acl 'acl-dns-slaves' do\n  entries [\n    'acl-dns-masters'\n  ]\nend\n\nbind_acl 'example-lan' do\n  entries [\n    '10.2/16',\n    '10.3.2/24',\n    '10.4.3.2'\n  ]\nend\n\nbind_secondary_zone 'example.com' do\n  primaries %w(192.0.2.10 192.0.2.11 192.0.2.12)\nend\n\nbind_secondary_zone 'example.org' do\n  primaries %w(192.0.2.10 192.0.2.11 192.0.2.12)\nend\n```\n\n### Using views for internal recursion and external authoritative name service\n\nUsing the `bind_view` resource allows you to configure one or more views in the configuration. When using `bind_view` you will need to tell the zone resources which view they should be configured in. If this is omitted the zone will be configured in the `bind_config` property `default_view` (which defaults to `default`).\n\n```ruby\nbind_service 'default'\n\nbind_config 'default' do\n  default_view 'external'\nend\n\nbind_view 'internal' do\n  match_clients ['10.0.0.0/8']\n  options [\n    'recursion yes'\n  ]\nend\n\nbind_primary_zone 'internal-example.com' do\n  view 'internal'\n  zone_name 'example.com'\nend\n\nbind_primary_zone 'secret.example.com' do\n  view 'internal'\nend\n\nbind_view 'external' do\n  options [\n    'recursion no'\n  ]\nend\n\nbind_primary_zone 'example.com'\n```\n\n### Nameserver in chroot mode\n\nThe `bind_service` and `bind_config` resources can accept a boolean `true` or `false` for `chroot`, declaring whether or not to install the BIND server in a chroot manner. If one provider declares this value, the other must match or the converge will fail. Currently all supported platforms except Ubuntu 16.04 LTS are supported with chrooted configuration. By default, this is set to `false`\n\n```ruby\nbind_service 'default' do\n  chroot true\n  action :create\nend\n\nbind_config 'default' do\n  chroot true\n  options [\n    'recursion no',\n    'allow-transfer { internal-dns; }'\n  ]\nend\n```\n\n## Maintainers\n\nThis cookbook is maintained by the Sous Chefs. The Sous Chefs are a community of Chef cookbook maintainers working together to maintain important cookbooks. If you’d like to know more please visit [sous-chefs.org](https://sous-chefs.org/) or come chat with us on the Chef Community Slack in [#sous-chefs](https://chefcommunity.slack.com/messages/C2V7B88SF).\n\n## Contributors\n\nThis project exists thanks to all the people who [contribute.](https://opencollective.com/sous-chefs/contributors.svg?width=890\u0026button=false)\n\n### Backers\n\nThank you to all our backers!\n\n![https://opencollective.com/sous-chefs#backers](https://opencollective.com/sous-chefs/backers.svg?width=600\u0026avatarHeight=40)\n\n### Sponsors\n\nSupport this project by becoming a sponsor. Your logo will show up here with a link to your website.\n\n![https://opencollective.com/sous-chefs/sponsor/0/website](https://opencollective.com/sous-chefs/sponsor/0/avatar.svg?avatarHeight=100)\n![https://opencollective.com/sous-chefs/sponsor/1/website](https://opencollective.com/sous-chefs/sponsor/1/avatar.svg?avatarHeight=100)\n![https://opencollective.com/sous-chefs/sponsor/2/website](https://opencollective.com/sous-chefs/sponsor/2/avatar.svg?avatarHeight=100)\n![https://opencollective.com/sous-chefs/sponsor/3/website](https://opencollective.com/sous-chefs/sponsor/3/avatar.svg?avatarHeight=100)\n![https://opencollective.com/sous-chefs/sponsor/4/website](https://opencollective.com/sous-chefs/sponsor/4/avatar.svg?avatarHeight=100)\n![https://opencollective.com/sous-chefs/sponsor/5/website](https://opencollective.com/sous-chefs/sponsor/5/avatar.svg?avatarHeight=100)\n![https://opencollective.com/sous-chefs/sponsor/6/website](https://opencollective.com/sous-chefs/sponsor/6/avatar.svg?avatarHeight=100)\n![https://opencollective.com/sous-chefs/sponsor/7/website](https://opencollective.com/sous-chefs/sponsor/7/avatar.svg?avatarHeight=100)\n![https://opencollective.com/sous-chefs/sponsor/8/website](https://opencollective.com/sous-chefs/sponsor/8/avatar.svg?avatarHeight=100)\n![https://opencollective.com/sous-chefs/sponsor/9/website](https://opencollective.com/sous-chefs/sponsor/9/avatar.svg?avatarHeight=100)\n","funding_links":["https://opencollective.com/sous-chefs"],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsous-chefs%2Fbind","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsous-chefs%2Fbind","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsous-chefs%2Fbind/lists"}