Debian supplies the bind keys at /etc/bind/bind.keys and RedHat supplies it at
/etc/named.iscdlv.key. Add the directive that references this file. I think it
may have "just worked" on Debian, baesd on the information at
https://www.isc.org/downloads/bind/bind-keys/
The bind class parameter defaults values are meant to be supplied via module
data. Really, these ought to come through the bind::defaults class from hiera,
but that class is currently the home of platform defaults which are not meant
to be overridden by the user. This is a first step, maybe? A normalization for
sure.
It turns out the `rndc` command that was intended to reload a managed zone
wasn't working (see PR #91 for reference) if more than one view included the
zone. The helper script is really just a wrapper around the `rndc` command
itself, it translates its final parameter into a domain/class/view tuple and
pass the leading parameters and the tuple to `rndc`.
Views support an `allow-transfer` directive essentially identical to the one in
zones. Copy the code from `manifests/zone.pp` and `templates/zone.conf.erb` to
support it.
By setting bind::include_default_zones to false, a user can suppress the
inclusion of the default definitions for the root hints zone and RFC 1912
zones. These are supplied with the BIND package's default configuration on both
Debian and RedHat derived systems. These zones are necessary for a resolver,
but may be omitted if the server acts strictly as an authoritative server.
RedHat's default zones are baked into the stock named.conf, which the module's
template completely rewrites. Since the module is extremely view-based, and the
Debian default-zones are repositioned into the zones, let's take those defaults
out of the stock named.conf, build a configuration file out of them and include
it in the view just the same.
Modify the handling of the `servers` property in `bind::view` to respond to
specific keys in the config hash for each server, and document how this
property is handled.
Distro packaging includes a lot of configuration files that this module tries
and fails to get rid of, but with exclusions. Those don't always work for
mysterious reasons. Leave the distributed files intact as much as possible,
with just the necessary files touched to effect the desired configuration.
Also, make inclusion of named.conf.local optional (default false) and stop
ensuring that there's at least an empty one.
Add a parameter to `bind::zone` which indicates whether a zone is dynamic or
not. This has the effect of allowing puppet to manage the zone file rather than
simply initialize it. This change also introduces more appropriate handling of
slave and stub zones, so that puppet will not populate a stock zone file,
forcing the nameserver to do a zone transfer when a zone is created.
Also, there is now a substancial amount of validation in the `bind::zone` class
in order to prevent invalid parameter combinations, so that validity may be
assumed elsewhere in the manifest and in the configuration template.
