@ -36,6 +36,9 @@ global_credentials_directory: "credentials"
global_public_key_directory: "public_keys"
global_dns_list_directory: "{{ global_public_key_directory }}/dns"
global_dns_session_key_name: "local-ddns"
global_dns_session_key_path: "/var/run/named/session.key"
global_dns_session_key_algorithm: "{{ global_dns_update_key_algorithm }}"
global_dns_update_key_algorithm: "ED25519"
global_ssh_key_directory: "{{ global_public_key_directory }}/ssh"
@ -3,6 +3,10 @@ options {
directory "/var/cache/bind";
// configure dnssec
dnssec-validation yes;
// session update key
session-keyfile "{{ global_dns_session_key_path }}";
session-keyname "{{ global_dns_session_key_name }}";
session-keyalg "{{ global_dns_session_key_algorithm }}";
// etc
auth-nxdomain no;
listen-on-v6 { any; };