summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMicah <micah@leap.se>2016-06-23 14:05:20 -0400
committerMicah <micah@leap.se>2016-06-28 13:06:59 -0400
commitc7e0864ccb00c67f2dfe7cd8d5a1665c08dd6033 (patch)
treebdf7d1a82aac7830d5e0a78f97c1cd8256a0ed8f
parent2db2587d40c34061813d830e5b8bdf095da38d33 (diff)
Make sure bind9 doesn't take over unbound (#8213).
Change-Id: Icaab817870d005b7a854a3fb8c402705d0b2d77f
-rw-r--r--puppet/modules/site_config/manifests/caching_resolver.pp12
1 files changed, 12 insertions, 0 deletions
diff --git a/puppet/modules/site_config/manifests/caching_resolver.pp b/puppet/modules/site_config/manifests/caching_resolver.pp
index 8bf465c1..59b135a3 100644
--- a/puppet/modules/site_config/manifests/caching_resolver.pp
+++ b/puppet/modules/site_config/manifests/caching_resolver.pp
@@ -2,10 +2,22 @@
class site_config::caching_resolver {
tag 'leap_base'
+ # We need to make sure Package['bind9'] isn't installed because when it is, it
+ # keeps unbound from running. Some base debian installs will install bind9,
+ # and then start it, so unbound will never get properly started. So this will
+ # make sure bind9 is removed before.
+ package { 'bind9':
+ ensure => absent
+ }
+ file { [ '/etc/default/bind9', '/etc/bind/named.conf.options' ]:
+ ensure => absent
+ }
+
class { 'unbound':
root_hints => false,
anchor => false,
ssl => false,
+ require => Package['bind9'],
settings => {
server => {
verbosity => '1',