From 1d41d07b2dd474ba37f77245f75b5b0e0348107f Mon Sep 17 00:00:00 2001 From: Ben Vincent Date: Wed, 18 Mar 2026 20:00:22 +1100 Subject: [PATCH] fix: allow transfer for external-dns (#456) external-dns required axfr support to remove old records. add the capability for the externaldns tsig key. Reviewed-on: https://git.unkin.net/unkin/puppet-prod/pulls/456 --- modules/externaldns/manifests/master.pp | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/modules/externaldns/manifests/master.pp b/modules/externaldns/manifests/master.pp index 538119c..cfb90d1 100644 --- a/modules/externaldns/manifests/master.pp +++ b/modules/externaldns/manifests/master.pp @@ -28,8 +28,8 @@ class externaldns::master inherits externaldns { dynamic => true, allow_updates => ['key externaldns-key'], allow_transfers => empty($slave_ips) ? { - true => [], - false => ['dns-slaves'], + true => ['key externaldns-key'], + false => ['key externaldns-key','dns-slaves'], }, ns_notify => !empty($slave_ips), also_notify => $slave_ips, @@ -42,4 +42,4 @@ class externaldns::master inherits externaldns { recursion => false, zones => $externaldns::k8s_zones, } -} \ No newline at end of file +}