Master to require key for transfer

2025-07-01 15:00:48 +10:00 · 2025-07-01 15:00:48 +10:00 · 280a36a591
commit 280a36a591
parent ed8b1ae4e3
1 changed files with 6 additions and 1 deletions
--- a/deployments/dns/bind.yaml
+++ b/deployments/dns/bind.yaml
@ -45,6 +45,7 @@ data:
      type master;
      file "/etc/bind/db.hxme.net";
      allow-update { key "externaldns-key"; };
+      allow-transfer { key "bind-slave-key"; };
    };
  db.hxme.net: |
    $TTL    3600
@ -77,10 +78,14 @@ data:
    };

    include "/etc/bind/tsig-key.conf";
+
+    masters "hxme-master" {
+      bind-master.dns.svc.cluster.local key "bind-slave-key";
+    };
    
    zone "hxme.net" {
        type slave;
-        masters { bind-master.dns.svc.cluster.local key "bind-slave-key"; };
+        masters { "hxme-master"; };
        file "slaves/db.hxme.net";
    };
 ---