From ed8b1ae4e3c4f001a68a153854b5541191790342 Mon Sep 17 00:00:00 2001
From: j <repobase@j7b.net>
Date: Tue, 1 Jul 2025 14:58:20 +1000
Subject: [PATCH] Add tsig to master

---
 deployments/dns/bind.yaml | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/deployments/dns/bind.yaml b/deployments/dns/bind.yaml
index 5beb6ca..fd03c7f 100644
--- a/deployments/dns/bind.yaml
+++ b/deployments/dns/bind.yaml
@@ -16,6 +16,7 @@ data:
     };
 
     include "/etc/bind/externaldns-key.conf";
+    include "/etc/bind/tsig-key.conf";
 
     options {
         directory "/var/cache/bind";
@@ -79,7 +80,7 @@ data:
     
     zone "hxme.net" {
         type slave;
-        masters { bind-master.bind9.svc.cluster.local key bind-slave-key; };
+        masters { bind-master.dns.svc.cluster.local key "bind-slave-key"; };
         file "slaves/db.hxme.net";
     };
 ---
@@ -133,6 +134,9 @@ spec:
           - name: dns-secrets
             mountPath: /etc/bind/externaldns-key.conf
             subPath: externaldns-key.conf
+          - name: bind-slave-key
+            subPath: tsig-key.conf
+            mountPath: /etc/bind/tsig-key.conf
           - name: bind-cache
             mountPath: /var/cache/bind
           - name: bind-rundir
@@ -143,6 +147,8 @@ spec:
         - name: dns-secrets
           secret:
             secretName: dns-secrets
+        - name: bind-slave-key
+          subPath: tsig-key.conf
         - name: config
           configMap:
             name: bind-master-config