Explicitly reference the bind keys file

Debian supplies the bind keys at /etc/bind/bind.keys and RedHat supplies it at /etc/named.iscdlv.key. Add the directive that references this file. I think it may have "just worked" on Debian, baesd on the information at https://www.isc.org/downloads/bind/bind-keys/
2017-04-16 09:05:56 -05:00 · 2017-04-16 09:05:56 -05:00 · d580291c69
commit d580291c69
parent c28594b458
4 changed files with 6 additions and 0 deletions
--- a/data/osfamily/Debian.yaml
+++ b/data/osfamily/Debian.yaml
@ -10,5 +10,6 @@ bind::defaults::namedconf: '/etc/bind/named.conf'
 bind::defaults::cachedir: '/var/cache/bind'
 bind::defaults::logdir: '/var/log/bind'
 bind::defaults::default_zones_include: '/etc/bind/named.conf.default-zones'
+bind::defaults::isc_bind_keys: '/etc/bind/bind.keys'

 bind::updater::keydir: '/etc/bind/keys'
--- a/data/osfamily/RedHat.yaml
+++ b/data/osfamily/RedHat.yaml
@ -12,5 +12,6 @@ bind::defaults::cachedir: '/var/named'
 bind::defaults::logdir: '/var/log/named'
 bind::defaults::default_zones_include: '/etc/named.default-zones.conf'
 bind::defaults::default_zones_source: 'puppet:///modules/bind/RedHat/named.default-zones.conf'
+bind::defaults::isc_bind_keys: '/etc/named.iscdlv.key'

 bind::updater::keydir: '/etc/named/keys'
--- a/manifests/defaults.pp
+++ b/manifests/defaults.pp
@ -15,6 +15,7 @@ class bind::defaults (
    $managed_keys_directory = undef,
    $default_zones_include  = undef,
    $default_zones_source   = undef,
+    $isc_bind_keys          = undef,
 ) {
    unless is_bool($supported) {
        fail('Please ensure that the dependencies of the bind module are installed and working correctly')
--- a/templates/named.conf.erb
+++ b/templates/named.conf.erb
@ -35,6 +35,9 @@ options {
 <%- if @dnssec -%>
 	dnssec-validation yes;
 	dnssec-lookaside auto;
+<%-   if @isc_bind_keys -%>
+        bindkeys-file "<%= @isc_bind_keys %>";
+<%-   end -%>
 <%- end -%>
 <%- if @version != '' -%>
 	version "<%= @version %>";