various improvements

[distro-setup] / machine_specific / li / filesystem / etc / bind / named.conf.local

diff --git a/machine_specific/li/filesystem/etc/bind/named.conf.local b/machine_specific/li/filesystem/etc/bind/named.conf.local
index 0b88ee82e141d9a5a41c56f913bb9854a2a7e0e7..39df3fa2ee6c6bc6a8f36e6c57827250b362c03f 100644 (file)
--- a/machine_specific/li/filesystem/etc/bind/named.conf.local
+++ b/machine_specific/li/filesystem/etc/bind/named.conf.local
@@ -7,27 +7,24 @@
 // ian: ok. uncommented. 1918 zones are private ip ranges.
 include "/etc/bind/zones.rfc1918";
 
-
-
-zone "iank.life" {
+# based on random internet tutorials, then reading
+# file:///usr/share/doc/bind9-doc/arm/Bv9ARM.ch06.html#dynamic_update_policies
+zone "b8.nz" {
 type master;
-file "/etc/bind/bind-writable/db.iank.life";
+file "/var/lib/bind/db.b8.nz";
   update-policy {
-    // allow host to update themselves with a key having their own name
-    grant iank.life. name iank.life. A TXT;
-    grant iank.life. name *.iank.life. A TXT;
+    // allow updating almost anything in the zone or subdomains.
+    grant b8.nz. subdomain b8.nz.;
   };
 };
-include "/etc/bind/key.iank.life";
+include "/etc/bind/key.b8.nz";
 
+zone "iankelling.org" {
+type master;
+file "/var/lib/bind/db.iankelling.org";
+};
 
-zone "b8.nz" {
+zone "zroe.org" {
 type master;
-file "/etc/bind/bind-writable/db.b8.nz";
-  update-policy {
-    // allow host to update themselves with a key having their own name
-    grant b8.nz. name b8.nz. A TXT;
-    grant b8.nz. name *.b8.nz. A TXT;
-  };
+file "/var/lib/bind/db.zroe.org";
 };
-include "/etc/bind/key.b8.nz";