Add DNF / CentOS 8 - drop CentOS 6 (#112)

* Fix install resources for DNF / CentOS 8 The yum_package resource doesn't work on centos / rhel 8. The package resource maps to yum_package on centos 5/6/7 and to dnf_package on centos 8. * Add CentOS 8 test jobs * resolve dnf module related centos 8 failure * switch to supported releases 4.1 is not available for centos 8 This changes the default to the supported releases: https://doc.powerdns.com/authoritative/appendices/EOL.html https://doc.powerdns.com/recursor/appendices/EOL.html * update documentation * update tests * update defaults for socket-dir * Pull in pdns commit 0524add91a67c73bd91f439a19913238f95e6d86 * revert this` * remove run_user bits * strip out centos-6 / sysvinit support EOL for centos 6 is 30/11/2020, it complicates the setgid/setuid stuff so it makes sense to drop it now * bump version * update readme
dnsimple · Jan 16, 2021 · 28477f9 · 28477f9
1 parent d02b6c7
commit 28477f9
Show file tree

Hide file tree

Showing 24 changed files with 81 additions and 621 deletions.
diff --git a/.kitchen.yml b/.kitchen.yml
@@ -21,16 +21,16 @@ verifier:
   name: inspec
 
 platforms:
-  - name: centos-6
-    driver:
-      image: dokken/centos-6
-      pid_one_command: /sbin/init
-
   - name: centos-7
     driver:
       image: dokken/centos-7
       pid_one_command: /usr/lib/systemd/systemd
 
+  - name: centos-8
+    driver:
+      image: dokken/centos-8
+      pid_one_command: /usr/lib/systemd/systemd
+
   - name: debian-9
     driver:
       image: dokken/debian-9
@@ -77,12 +77,6 @@ suites:
     attributes:
 
   - name: authoritative-postgres
-    # On CentOS 6, restart the 'postgres' database could fail the first time so
-    # let's try twice before failing:
-    # https://github.com/sous-chefs/postgresql/issues/421
-    excludes: [
-      'centos-6.9' # for dokken
-    ]
     run_list:
       - recipe[pdns_test::inspec_dependencies]
       - recipe[pdns_test::authoritative_install_single_postgres]

diff --git a/.travis.yml b/.travis.yml
@@ -13,20 +13,20 @@ env:
   matrix:
     # Split up the test-kitchen run to avoid exceeding 50 minutes:
     - TASK="quick"
-    - TASK="kitchen" KITCHEN_REGEXP=authoritative-multi-centos-6
     - TASK="kitchen" KITCHEN_REGEXP=authoritative-multi-centos-7
+    - TASK="kitchen" KITCHEN_REGEXP=authoritative-multi-centos-8
     - TASK="kitchen" KITCHEN_REGEXP=authoritative-multi-debian-9
     - TASK="kitchen" KITCHEN_REGEXP=authoritative-multi-debian-10
     - TASK="kitchen" KITCHEN_REGEXP=authoritative-multi-ubuntu-1604
     - TASK="kitchen" KITCHEN_REGEXP=authoritative-multi-ubuntu-1804
-    - TASK="kitchen" KITCHEN_REGEXP=authoritative-postgres-centos-6
     - TASK="kitchen" KITCHEN_REGEXP=authoritative-postgres-centos-7
+    - TASK="kitchen" KITCHEN_REGEXP=authoritative-postgres-centos-8
     - TASK="kitchen" KITCHEN_REGEXP=authoritative-postgres-debian-9
     - TASK="kitchen" KITCHEN_REGEXP=authoritative-postgres-debian-10
     # - TASK="kitchen" KITCHEN_REGEXP=authoritative-postgres-ubuntu-1604 # https://askubuntu.com/questions/830346/postgresql-server-doesnt-start
     - TASK="kitchen" KITCHEN_REGEXP=authoritative-postgres-ubuntu-1804
-    - TASK="kitchen" KITCHEN_REGEXP=recursor-multi-centos-6
     - TASK="kitchen" KITCHEN_REGEXP=recursor-multi-centos-7
+    - TASK="kitchen" KITCHEN_REGEXP=recursor-multi-centos-8
     - TASK="kitchen" KITCHEN_REGEXP=recursor-multi-debian-9
     - TASK="kitchen" KITCHEN_REGEXP=recursor-multi-debian-10
     - TASK="kitchen" KITCHEN_REGEXP=recursor-multi-ubuntu-1604

diff --git a/README.md b/README.md
@@ -6,6 +6,11 @@ Provides resources for installing and configuring both PowerDNS authoritative an
 
 [![Build Status](https://travis-ci.org/dnsimple/chef-pdns.svg?branch=master)](https://travis-ci.org/dnsimple/chef-pdns)
 
+## Upgrade Notes for 7.x series
+Please note that this version primarily supports PowerDNS 4.3 and PowerDNS Recursor 4.3. Older versions may work, but are not as heavily tested. Additionally support for CentOS 6 / sysvinit has been dropped.
+
+When upgrading to the 7.x series, please pay special attention to your config and service resources which use the run_user / run_group / setuid / setgid properties. We have removed these attributes to better match the direction of upstream PowerDNS.
+
 ## Upgrade Notes for 6.x series
 
 When upgrading to the 6.x series, please pay special attention to your config and service resources which use the `instance_name` property. We have introduced a new `virtual` property to the config and service resources to more clearly mark them as a virtual instance versus the default one configured via the install resource. If you used `instance_name ''` to refer to the default instance, you can safely remove this property or leave it as-is. If you do use another name, then you will want to set `virtual true` in your config and service resources.
@@ -24,15 +29,14 @@ You can look at the [test cookbook](https://github.com/dnsimple/chef-pdns/blob/m
 - Ubuntu 14.04 and newer
 - Debian 8 and newer
 - RHEL 7 and newer
-- CentOS 6.9 and newer
+- CentOS 7 and newer
 
 ### Chef:
 
 - Chef 13 or newer
 
 ### Init Systems:
 
-* SysV
 * systemd
 
 ## Usage
@@ -103,14 +107,14 @@ Most of the properties are optional and have sane defaults, so they are only rec
 
 ### pdns_authoritative_install
 
-Installs PowerDNS authoritative server 4.1.x series using PowerDNS official repository in the supported platforms.
+Installs PowerDNS authoritative server 4.3.x series using PowerDNS official repository in the supported platforms.
 
 #### Properties
 
 | Name          | Type        |  Default value |
 |---------------|-------------|----------------|
 | version       | String      | ''             |
-| series        | String      | '41'           |
+| series        | String      | '43'           |
 | debug         | true, false | false          |
 | allow_upgrade | true, false | false          |
 | backends      | Array       | nil            |
@@ -119,17 +123,17 @@ Installs PowerDNS authoritative server 4.1.x series using PowerDNS official repo
 
 #### Usage examples
 
-Install the latest 4.1.x series PowerDNS Authoritative Server
+Install the latest 4.3.x series PowerDNS Authoritative Server
 
 ```ruby
 pdns_authoritative_install 'server_01'
 ```
 
-Install the latest 4.0.x series PowerDNS Authoritative Server
+Install the latest 4.2.x series PowerDNS Authoritative Server
 
 ```ruby
 pdns_authoritative_install 'server_01' do
-  series '40'
+  series '42'
 end
 ```
 
@@ -164,12 +168,6 @@ Creates a PowerDNS recursor configuration, there is a fixed set of required prop
 | launch         | Array, nil | ['bind']        | No          |
 | config_dir     | String     | see `default_authoritative_config_directory` helper method | Yes |
 | socket_dir     | String     | "/var/run/#{resource.instance_name}" | Yes |
-| run_group      | String     | see `default_authoritative_run_user` helper method  | No |
-| run_user       | String     | see `default_authoritative_run_user` helper method  | No |
-| run_user_home  | String     | see `default_user_attributes` helper method | No |
-| run_user_shell | String     | see `default_user_attributes` helper method | No |
-| setuid         | String     | resource.run_user | No |
-| setgid         | String     | resource.run_group | No |
 | source         | String,nil | 'authoritative_service.conf.erb' | No |
 | cookbook       | String,nil | 'pdns' | No |
 | variables      | Hash       | { bind_config:  "#{resource.config_dir}/bindbackend.conf" } | No |
@@ -235,30 +233,30 @@ end
 
 ### pdns_recursor_install
 
-Installs PowerDNS recursor 4.1.x series using PowerDNS official repository in the supported platforms.
+Installs PowerDNS recursor 4.3.x series using PowerDNS official repository in the supported platforms.
 
 #### Properties
 
 | Name           | Type        |  Default value  |
 |----------------|-------------|-----------------|
 | version        | String      | ''              |
-| series         | String      | '41'            |
+| series         | String      | '43'            |
 | debug          | true, false | false           |
 | allow_upgrade  | true, false | false           |
 
 #### Usage examples
 
-Install the latest 4.1.x release PowerDNS recursor
+Install the latest 4.3.x release PowerDNS recursor
 
 ```ruby
-pdns_recursor_install 'latest_4_1_x_recursor'
+pdns_recursor_install 'latest_4_3_x_recursor'
 ```
 
-Install the latest 4.0.x release PowerDNS recursor
+Install the latest 4.2.x release PowerDNS recursor
 
 ```ruby
 pdns_recursor_install 'my_recursor' do
-  series '40'
+  series '42'
 end
 ```
 
@@ -326,12 +324,6 @@ Creates a PowerDNS recursor configuration.
 | virtual        | Boolean     | false                                                  |
 | config_dir     | String      | see `default_recursor_config_directory` helper method  |
 | socket_dir     | String      | /var/run/#{resource.instance_name}                     |
-| run_group      | String      | see `default_recursor_run_user` helper method          |
-| run_user       | String      | see `default_recursor_run_user` helper method          |
-| run_user_home  | String      | see `default_user_attributes` helper method            |
-| run_user_shell | String      | see `default_user_attributes` helper method            |
-| setuid         | String      | resource.run_user                                      |
-| setgid         | String      | resource.run_group                                     |
 | source         | String, nil | 'recursor_service.conf.erb'                            |
 | cookbook       | String, nil | 'pdns'                                                 |
 | variables      | Hash        | {}                                                     |
@@ -343,10 +335,6 @@ Creates a PowerDNS recursor configuration.
 - `socket_dir` : Directory where sockets are created.
 - `cookbook` : Cookbook for a custom configuration template
 - `variables`: Variables for the configuration template.
-- `run_group`: Unix group that runs the recursor.
-- `run_user`: Unix user that runs the recursor.
-- `run_user_home`: Home of the Unix user that runs the recursor.
-- `run_user_shell`: Shell of the Unix user that runs the recursor.
 
 #### Usage Example
 

diff --git a/libraries/helpers.rb b/libraries/helpers.rb
@@ -37,10 +37,6 @@ def systemd_name(name, virtual)
       virtual ? "pdns-recursor@#{name}.service" : 'pdns-recursor.service'
     end
 
-    def sysvinit_name(name, virtual)
-      virtual ? "pdns-recursor-#{name}" : 'pdns-recursor'
-    end
-
     def default_recursor_run_user
       case node['platform_family']
       when 'debian'
@@ -72,10 +68,6 @@ def systemd_name(name, virtual)
       virtual ? "pdns@#{name}.service" : 'pdns.service'
     end
 
-    def sysvinit_name(name, virtual)
-      virtual ? "pdns-#{name}" : 'pdns'
-    end
-
     def authoritative_instance_config(name, virtual)
       virtual ? "pdns-#{name}.conf" : 'pdns.conf'
     end

diff --git a/metadata.rb b/metadata.rb
@@ -3,13 +3,13 @@
 maintainer_email '[email protected]'
 license          'Apache-2.0'
 description      'Installs/Configures PowerDNS Recursor and Authoritative server'
-version          '6.1.1'
+version          '7.0.0'
 source_url       'https://github.com/dnsimple/chef-pdns'
 issues_url       'https://github.com/dnsimple/chef-pdns/issues'
 
 chef_version '>= 13'
 
 supports 'ubuntu', '>= 16.04'
 supports 'debian', '>= 9.0'
-supports 'centos', '>= 6.0'
-supports 'redhat', '>= 6.0'
+supports 'centos', '>= 7.0'
+supports 'redhat', '>= 7.0'
diff --git a/resources/authoritative_config.rb b/resources/authoritative_config.rb
@@ -37,36 +37,32 @@
 property :virtual, [true, false], default: false
 property :launch, Array, default: ['bind']
 property :config_dir, String, default: lazy { default_authoritative_config_directory }
-property :run_group, String, default: lazy { default_authoritative_run_user }
-property :run_user, String, default: lazy { default_authoritative_run_user }
-property :run_user_home, String, default: lazy { default_user_attributes[:home] }
-property :run_user_shell, String, default: lazy { default_user_attributes[:shell] }
-property :socket_dir, String, default: '/var/run'
-property :setuid, String, default:  lazy { |resource| resource.run_user }
-property :setgid, String, default:  lazy { |resource| resource.run_group }
+property :socket_dir, String, default: '/var/run/pdns'
 
 property :source, String, default: 'authoritative_service.conf.erb'
 property :cookbook, String, default: 'pdns'
 property :variables, Hash, default: lazy { |resource| { bind_config: "#{resource.config_dir}/bindbackend.conf" } }
 
 action :create do
-  user new_resource.run_user do
-    home new_resource.run_user_home
-    shell new_resource.run_user_shell
+  user 'pdns authoritative' do
+    username lazy { default_authoritative_run_user }
+    home lazy { default_user_attributes[:home] }
+    shell lazy { default_user_attributes[:shell] }
     system true
     action :create
   end
 
-  group new_resource.run_group do
-    members [new_resource.run_user]
+  group 'pdns authoritative' do
+    group_name lazy { default_authoritative_run_user }
+    members lazy { [ default_authoritative_run_user ] }
     system true
     append true
     action :create
   end
 
   directory new_resource.config_dir do
     owner 'root'
-    group new_resource.run_group
+    group lazy { default_authoritative_run_user }
     mode '0755'
     action :create
   end
@@ -75,13 +71,11 @@
     source new_resource.source
     cookbook new_resource.cookbook
     owner 'root'
-    group new_resource.run_group
+    group lazy { default_authoritative_run_user }
     mode '0640'
     variables(
       launch: new_resource.launch,
       socket_dir: new_resource.socket_dir,
-      setuid: new_resource.setuid,
-      setgid: new_resource.setgid,
       variables: new_resource.variables
     )
   end

diff --git a/resources/authoritative_install_debian.rb b/resources/authoritative_install_debian.rb
@@ -26,7 +26,7 @@
 end
 
 property :version, String
-property :series, String, default: '41'
+property :series, String, default: '43'
 property :debug, [true, false], default: false
 property :allow_upgrade, [true, false], default: false
 property :backends, Array

diff --git a/resources/authoritative_install_rhel.rb b/resources/authoritative_install_rhel.rb
@@ -18,17 +18,17 @@
 #
 
 provides :pdns_authoritative_install, platform_family: 'rhel' do |node|
-  node['platform_version'].to_i >= 6
+  node['platform_version'].to_i >= 7
 end
 
 property :version, String
-property :series, String, default: '41'
+property :series, String, default: '43'
 property :debug, [true, false], default: false
 property :allow_upgrade, [true, false], default: false
 property :backends, Array
 
 action :install do
-  yum_package 'epel-release' do
+  package 'epel-release' do
     action :install
   end
 
@@ -53,21 +53,21 @@
 
   if new_resource.backends
     new_resource.backends.each do |backend|
-      yum_package "pdns-backend-#{backend}" do
+      package "pdns-backend-#{backend}" do
         action :upgrade if new_resource.allow_upgrade
         version new_resource.version
       end
     end
   end
 
-  yum_package 'pdns' do
+  package 'pdns' do
     version new_resource.version
     action :upgrade if new_resource.allow_upgrade
   end
 end
 
 action :uninstall do
-  yum_package 'pdns' do
+  package 'pdns' do
     action :remove
     version new_resource.version
   end