Add tsig to master

2025-07-01 14:58:20 +10:00 · 2025-07-01 14:58:20 +10:00 · ed8b1ae4e3
commit ed8b1ae4e3
parent a1a00c82e5
1 changed files with 7 additions and 1 deletions
--- a/deployments/dns/bind.yaml
+++ b/deployments/dns/bind.yaml
@ -16,6 +16,7 @@ data:
    };

    include "/etc/bind/externaldns-key.conf";
+    include "/etc/bind/tsig-key.conf";

    options {
        directory "/var/cache/bind";
@ -79,7 +80,7 @@ data:
    
    zone "hxme.net" {
        type slave;
-        masters { bind-master.bind9.svc.cluster.local key bind-slave-key; };
+        masters { bind-master.dns.svc.cluster.local key "bind-slave-key"; };
        file "slaves/db.hxme.net";
    };
 ---
@ -133,6 +134,9 @@ spec:
          - name: dns-secrets
            mountPath: /etc/bind/externaldns-key.conf
            subPath: externaldns-key.conf
+          - name: bind-slave-key
+            subPath: tsig-key.conf
+            mountPath: /etc/bind/tsig-key.conf
          - name: bind-cache
            mountPath: /var/cache/bind
          - name: bind-rundir
@ -143,6 +147,8 @@ spec:
        - name: dns-secrets
          secret:
            secretName: dns-secrets
+        - name: bind-slave-key
+          subPath: tsig-key.conf
        - name: config
          configMap:
            name: bind-master-config