From 1e8d0b3d0d885f38ac1ce527181983333640ebfd Mon Sep 17 00:00:00 2001
From: Mike Bryant <m@ocado.com>
Date: Thu, 11 Jun 2015 15:56:01 +0100
Subject: [PATCH] Add support for the update-policy statement

---
 README.md               | 1 +
 manifests/zone.pp       | 1 +
 templates/zone.conf.erb | 7 +++++++
 3 files changed, 9 insertions(+)

diff --git a/README.md b/README.md
index aa90996..ea7a53d 100644
--- a/README.md
+++ b/README.md
@@ -135,6 +135,7 @@ zone transfers to servers matching an acl:
         zone_type       => 'master',
         domain          => 'example.com',
         allow_updates   => [ 'key local-update', ],
+        update_policies => [ 'grant test.example.net name example.net MX', ],
         allow_transfers => [ 'secondary-dns', ],
 	ns_notify       => true,
         dnssec          => true,
diff --git a/manifests/zone.pp b/manifests/zone.pp
index 348cae0..ade6efc 100644
--- a/manifests/zone.pp
+++ b/manifests/zone.pp
@@ -7,6 +7,7 @@ define bind::zone (
     $masters         = '',
     $transfer_source = '',
     $allow_updates   = '',
+    $update_policies = '',
     $allow_transfers = '',
     $dnssec          = false,
     $key_directory   = '',
diff --git a/templates/zone.conf.erb b/templates/zone.conf.erb
index 4be5f17..53d9e27 100644
--- a/templates/zone.conf.erb
+++ b/templates/zone.conf.erb
@@ -47,6 +47,13 @@ zone "<%= @_domain %>" {
 <%-   end -%>
 	};
 <%- end -%>
+<%- if @update_policies and @update_policies != '' -%>
+	update-policy {
+<%-   Array(@update_policies).each do |update_policy| -%>
+		<%= update_policy %>;
+<%-   end -%>
+	};
+<%- end -%>
 <%- if @allow_transfers and @allow_transfers != '' -%>
 	allow-transfer {
 <%-   Array(@allow_transfers).each do |allow_transfer| -%>