Add keys

manifests/init.pp

@@ -36,7 +36,7 @@ class bind (
 		notify  => Service[$bind::params::bind_service],
 	}
 
-	file { "${confdir}/zones":
+	file { [ "${confdir}/zones", "${confdir}/keys" ]:
 		ensure => directory,
 		owner  => 'root',
 		group  => $bind::params::bind_group,

manifests/key.pp

@@ -0,0 +1,18 @@
+define bind::key (
+	$algorithm => 'hmac-sha256',
+	$secret,
+) {
+	file { "${bind::confdir}/keys/${name}.conf":
+		ensure  => present,
+		owner   => 'root',
+		group   => $bind::params::bind_group,
+		mode    => '0640',
+		content => template('bind/key.conf.erb'),
+		notify  => Service[$bind::params::bind_service],
+	}
+	concat::fragment { "bind-key-${name}":
+		order   => '10',
+		target  => "${bind::confdir}/named.conf",
+		content => "include \"${bind::confdir}/keys/${name}.conf\";\n",
+	}
+}

templates/key.erb

@@ -0,0 +1,5 @@
+
+key "<%= name %>" {
+	algorithm <%= algorithm %>;
+	secret "<%= secret %>";
+};