puppet-prod/hieradata/roles/infra/dns/master.yaml

---
profiles::dns::master::ns_role: roles::infra::dns::master
profiles::dns::master::use_ns: region
profiles::dns::master::acls:
  acl-main.unkin.net:
    addresses:
      - 198.18.13.0/24
      - 198.18.14.0/24
      - 198.18.15.0/24
      - 198.18.16.0/24
      - 198.18.17.0/24
      - 198.18.19.0/24
      - 198.18.20.0/24
      - 198.18.24.0/24
      - 198.18.25.0/24
      - 198.18.26.0/24
      - 198.18.27.0/24
      - 198.18.28.0/24
      - 198.18.29.0/24

profiles::dns::master::zones:
  main.unkin.net:
    domain: 'main.unkin.net'
    zone_type: 'master'
    dynamic: false
    ns_notify: true
    source: '/var/named/sources/main.unkin.net.conf'
  13.18.198.in-addr.arpa:
    domain: '13.18.198.in-addr.arpa'
    zone_type: 'master'
    dynamic: false
    ns_notify: true
    source: '/var/named/sources/13.18.198.in-addr.arpa.conf'
  14.18.198.in-addr.arpa:
    domain: '14.18.198.in-addr.arpa'
    zone_type: 'master'
    dynamic: false
    ns_notify: true
    source: '/var/named/sources/14.18.198.in-addr.arpa.conf'
  15.18.198.in-addr.arpa:
    domain: '15.18.198.in-addr.arpa'
    zone_type: 'master'
    dynamic: false
    ns_notify: true
    source: '/var/named/sources/15.18.198.in-addr.arpa.conf'
  16.18.198.in-addr.arpa:
    domain: '16.18.198.in-addr.arpa'
    zone_type: 'master'
    dynamic: false
    ns_notify: true
    source: '/var/named/sources/16.18.198.in-addr.arpa.conf'
  17.18.198.in-addr.arpa:
    domain: '17.18.198.in-addr.arpa'
    zone_type: 'master'
    dynamic: false
    ns_notify: true
    source: '/var/named/sources/17.18.198.in-addr.arpa.conf'
  19.18.198.in-addr.arpa:
    domain: '19.18.198.in-addr.arpa'
    zone_type: 'master'
    dynamic: false
    ns_notify: true
    source: '/var/named/sources/19.18.198.in-addr.arpa.conf'
  20.18.198.in-addr.arpa:
    domain: '20.18.198.in-addr.arpa'
    zone_type: 'master'
    dynamic: false
    ns_notify: true
    source: '/var/named/sources/20.18.198.in-addr.arpa.conf'
  21.18.198.in-addr.arpa:
    domain: '21.18.198.in-addr.arpa'
    zone_type: 'master'
    dynamic: false
    ns_notify: true
    source: '/var/named/sources/21.18.198.in-addr.arpa.conf'
  22.18.198.in-addr.arpa:
    domain: '22.18.198.in-addr.arpa'
    zone_type: 'master'
    dynamic: false
    ns_notify: true
    source: '/var/named/sources/22.18.198.in-addr.arpa.conf'
  23.18.198.in-addr.arpa:
    domain: '23.18.198.in-addr.arpa'
    zone_type: 'master'
    dynamic: false
    ns_notify: true
    source: '/var/named/sources/23.18.198.in-addr.arpa.conf'
  24.18.198.in-addr.arpa:
    domain: '24.18.198.in-addr.arpa'
    zone_type: 'master'
    dynamic: false
    ns_notify: true
    source: '/var/named/sources/24.18.198.in-addr.arpa.conf'
  25.18.198.in-addr.arpa:
    domain: '25.18.198.in-addr.arpa'
    zone_type: 'master'
    dynamic: false
    ns_notify: true
    source: '/var/named/sources/25.18.198.in-addr.arpa.conf'
  26.18.198.in-addr.arpa:
    domain: '26.18.198.in-addr.arpa'
    zone_type: 'master'
    dynamic: false
    ns_notify: true
    source: '/var/named/sources/26.18.198.in-addr.arpa.conf'
  27.18.198.in-addr.arpa:
    domain: '27.18.198.in-addr.arpa'
    zone_type: 'master'
    dynamic: false
    ns_notify: true
    source: '/var/named/sources/27.18.198.in-addr.arpa.conf'
  28.18.198.in-addr.arpa:
    domain: '28.18.198.in-addr.arpa'
    zone_type: 'master'
    dynamic: false
    ns_notify: true
    source: '/var/named/sources/28.18.198.in-addr.arpa.conf'
  29.18.198.in-addr.arpa:
    domain: '29.18.198.in-addr.arpa'
    zone_type: 'master'
    dynamic: false
    ns_notify: true
    source: '/var/named/sources/29.18.198.in-addr.arpa.conf'

profiles::dns::master::views:
  master-zones:
    recursion: false
    zones:
      - main.unkin.net
      - 13.18.198.in-addr.arpa
      - 14.18.198.in-addr.arpa
      - 15.18.198.in-addr.arpa
      - 16.18.198.in-addr.arpa
      - 17.18.198.in-addr.arpa
      - 19.18.198.in-addr.arpa
      - 20.18.198.in-addr.arpa
      - 21.18.198.in-addr.arpa
      - 22.18.198.in-addr.arpa
      - 23.18.198.in-addr.arpa
      - 24.18.198.in-addr.arpa
      - 25.18.198.in-addr.arpa
      - 26.18.198.in-addr.arpa
      - 27.18.198.in-addr.arpa
      - 28.18.198.in-addr.arpa
      - 29.18.198.in-addr.arpa
    match_clients:
      - acl-main.unkin.net

profiles::dns::master::keys:
  rndskey:
    secret_bits: 512
    algorithm: hmac-sha256
    secret: "%{lookup('profiles::dns::master::secret')}"