Configuration management of BIND .conf
Jan-Piet Mens
list at mens.de
Wed Sep 25 11:15:41 UTC 2024
>Are you leveraging your existing configuration management tools (e.g.
>Puppet, Ansible, Chef)?
Ansible (my choice of poison) works well for this type of situation I find,
particularly because a lot of work can be done via Jinja templating. This
trivial example hopefully illustrates what I mean:
{% macro zone(domain) %}
{% set z = domain|regex_replace('\\.+$', '') %} {# normalize name #}
zone "{{ z }}" IN {
type primary;
file "{{ z }}";
};
{% endmacro %}
{{ zone('example.com.') }}
{{ zone('dnslab.org') }}
>Do you have a script to base64 an 'included' .conf into a TXT record,
>so it can be consumed elsewhere?
That's an interesting idea (JP loves TXT records ;-), but do keep in mind that
individual segments of a TXT may not be larger than 255 octets and the whole
RRset not larger than 64k which could be limiting.
Perhaps a URI record from which a script HTTP GETs the .conf?
-JP
More information about the bind-users
mailing list