Adoptable Cookbooks List

Looking for a cookbook to adopt? You can now see a list of cookbooks available for adoption!
List of Adoptable Cookbooks

Supermarket Belongs to the Community

Supermarket belongs to the community. While Chef has the responsibility to keep it running and be stewards of its functionality, what it does and how it works is driven by the community. The chef/supermarket repository will continue to be where development of the Supermarket application takes place. Come be part of shaping the direction of Supermarket by opening issues and pull requests or by joining us on the Chef Mailing List.

Select Badges

Select Supported Platforms

Select Status

RSS

unbound (10) Versions 0.1.0

Manages unbound DNS resolver

Policyfile
Berkshelf
Knife
cookbook 'unbound', '= 0.1.0', :supermarket
cookbook 'unbound', '= 0.1.0'
knife supermarket install unbound
knife supermarket download unbound
README
Dependencies
Quality 71%

Description

Installs and manages the unbound DNS server.

Requirements

A platform with unbound available as a native package. The following platforms have unbound packaged, but note that the filesystem locations are not consistent and at this time only Linux + FHS is supported. See the Attributes section.

  • Ubuntu/Debian
  • Red Hat/CentOS/Fedora (requires EPEL)
  • ArchLinux
  • FreeBSD

OpenSUSE seems to have removed the unbound package from recent versions, though 1.0.0 was in 11.1.

Attributes

For information about attributes, see the cookbook metadata. Either view the metadata.rb in the cookbook, or review from the Chef server.

knife cookbook show unbound VERSION

Some values are calculated in the attributes file or in the respective recipes.

Resources

TODO:

Not yet supported.

This cookbook will provide unbound_rr, a resource for managing resource records through unbound-control(8) command in the future. This will require that node['unbound']['remote_control']['enable'] is true.

Templates

For configuration not handled by the template and cookbook attribute values, edit the template for the local environment.

unbound.conf

The main configuration file for unbound. Many settings in the template are controlled via attribute values. The file is located in the node['unbound']['directory'].

The config file created by this cookbook will use unbound's include directive for zone files, which will be located in the node['unbound']['directory']'s conf.d directory.

local-zone.conf

Set up local network resolver configuration with local-zone.conf.

stub-zone.conf

Edit the stub-zone.erb template to create a stub zone configuration.

forward-zone.conf

Edit the forward-zone.erb template to create a forward zone configuration.

remote-control.conf

TODO:

Not yet supported.

Sets up the remote-control settings via the unbound::remote-control recipe.

Recipes

default

Installs unbound and sets up the configuration file(s).

The recipe will load the local zone data from a data bag if present, otherwise it will attempt to use node['dns']['domain'] attribute. The various templates can be edited as required by the local user.

chroot

The intention of this recipe will be to setup the chroot environment if the chroot setting is enabled. However it is not yet complete.

remote_control

TODO:

Not yet supported.

Sets up remote control certificate attributes using the unbound configuration directory. Also creates the config file for remote-control settings and creates the certificates with unbound-control-setup.

Usage

Create a role for the unbound server like this:

name "unbound"
description "DNS Server"
default_attributes(
  "dns" => {
    "domain" => "int.example.com"
  },
  "unbound" => {
    "access_control" => { "127.0.0.1/8" => "allow", "0.0.0.0/0" => "allow" }
  }
)
run_list( "recipe[unbound]")

The node['dns']['domain'] is used to select the data bag (if it exists), or can be a hash of local zone domain attributes. If using a data bag, it should have the following basic structure.

{
  "id": "int_example_com",
  "ns": [
    { "int.example.com": "127.0.0.1" }
  ],
  "host": [
    { "www.int.example.com": "10.1.1.200" }
  ]
}

Unbound itself doesn't support CNAME records. To use this as attributes on the node, put this in the default attributes section of the role (per above).

default_attributes(
  "unbound" => {
    "id" => "int_example_com",
    "ns" => [
      { "int.example.com" => "127.0.0.1" }
    ],
    "host" => [
      { "www.int.example.com" => "10.1.1.200" }
    ]
  }
)
  • Note: This is untested with node attributes

Chroot

TODO:

Not yet fully implemented.

Access Control

Set the node['unbound']['access_control'] attribute as a hash in the role to specify the netblock and action.

Remote Control

TODO:

Not yet supported.

License and Author

Copyright 2011, Joshua Timberman (cookbooks@housepub.org)

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

Dependent cookbooks

This cookbook has no specified dependencies.

Contingent cookbooks

There are no cookbooks that are contingent upon this one.

Collaborator Number Metric
            

0.1.0 passed this metric

Contributing File Metric
            

0.1.0 passed this metric

Foodcritic Metric
            

0.1.0 failed this metric

FC016: LWRP does not declare a default action: unbound/resources/rr.rb:1
FC017: LWRP does not notify when updated: unbound/providers/rr.rb:27
FC059: LWRP provider does not declare use_inline_resources: unbound/providers/rr.rb:1
FC064: Ensure issues_url is set in metadata: unbound/metadata.rb:1
FC065: Ensure source_url is set in metadata: unbound/metadata.rb:1
FC066: Ensure chef_version is set in metadata: unbound/metadata.rb:1
FC067: Ensure at least one platform supported in metadata: unbound/metadata.rb:1
FC069: Ensure standardized license defined in metadata: unbound/metadata.rb:1
FC072: Metadata should not contain "attribute" keyword: unbound/metadata.rb:1
Run with Foodcritic Version 11.2.0 with tags metadata,correctness ~FC031 ~FC045 and failure tags any

License Metric
            

0.1.0 passed this metric

No Binaries Metric
            

0.1.0 passed this metric

Testing File Metric
            

0.1.0 passed this metric

Version Tag Metric
            

0.1.0 failed this metric

Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number