Allow definition of controls
diff --git a/README.rst b/README.rst
index a59b3b5..eb63014 100644
--- a/README.rst
+++ b/README.rst
@@ -21,6 +21,16 @@
8.8.8.8:
keys:
- keyname
+ control:
+ local:
+ enabled: true
+ bind:
+ address: 127.0.0.1
+ port: 953
+ allow:
+ - 127.0.0.1
+ keys:
+ - xyz
zone:
sub.domain.com:
ttl: 86400
@@ -50,6 +60,12 @@
hosts:
- localhost
+You can use following command to generate key:
+
+.. code-block:: bash
+
+ dnssec-keygen -a HMAC-SHA512 -b 512 -n HOST -r /dev/urandom mykey
+
Read more
=========
diff --git a/bind/files/named.conf.local b/bind/files/named.conf.local
index b9017f8..475008c 100644
--- a/bind/files/named.conf.local
+++ b/bind/files/named.conf.local
@@ -47,6 +47,28 @@
};
{%- endfor %}
+{%- if server.get('control') %}
+controls {
+ {%- for name, control in server.control.iteritems() if control.get('enabled', True) %}
+ inet {{ control.get('bind', {}).get('address', '127.0.0.1') }} port {{ control.get('bind', {}).get('port', 953) }}
+ {%- if control.get('allow') %}
+ allow {
+ {%- for allow in control.allow %}
+ {{ allow }};
+ {%- endfor %}
+ }
+ {%- endif %}
+ {%- if control.get('keys') %}
+ keys {
+ {%- for key in control.get('keys') %}
+ {{ key }};
+ {%- endfor %}
+ }
+ {%- endif %};
+ {%- endfor %}
+};
+{%- endif %}
+
{#-
vim: syntax=jinja
#}