puppet-prod/hieradata/roles/infra/dns/master.yaml

---
profiles::dns::master::nameservers:
  - prodinf01n23.main.unkin.net
  - prodinf01n24.main.unkin.net

profiles::dns::master::acls:
  acl-main.unkin.net:
    addresses:
      - 198.18.17.0/24

profiles::dns::master::zones:
  main.unkin.net:
    domain: 'main.unkin.net'
    zone_type: 'master'
    dynamic: false
    ns_notify: true
    source: '/var/named/sources/main.unkin.net.conf'
  17.18.198.in-addr.arpa:
    domain: '17.18.198.in-addr.arpa'
    zone_type: 'master'
    dynamic: false
    ns_notify: true
    source: '/var/named/sources/17.18.198.in-addr.arpa.conf'

profiles::dns::master::views:
  master-zones:
    recursion: false
    zones:
      - main.unkin.net
      - 17.18.198.in-addr.arpa
    match_clients:
      - acl-main.unkin.net

profiles::dns::master::keys:
  rndskey:
    secret_bits: 512
    algorithm: hmac-sha256
    secret: "%{lookup('profiles::dns::master::secret')}"