From 7a809fe7b501a6e0eb5a685943c0700f7cd0933c Mon Sep 17 00:00:00 2001
From: pettai <pettai@sunet.se>
Date: Fri, 14 Jun 2024 14:36:47 +0200
Subject: [PATCH] knot conf templating

---
 .../overlay/etc/knot/conf.d/example.conf      | 11 +++++++++
 .../overlay/etc/knot/conf.d/template.conf     |  8 +++++++
 .../modules/dns/templates/knot/knot.conf.erb  | 24 ++++++++++++-------
 3 files changed, 35 insertions(+), 8 deletions(-)
 create mode 100644 dns-rest-api1.sunet.se/overlay/etc/knot/conf.d/example.conf
 create mode 100644 dns-rest-api1.sunet.se/overlay/etc/knot/conf.d/template.conf

diff --git a/dns-rest-api1.sunet.se/overlay/etc/knot/conf.d/example.conf b/dns-rest-api1.sunet.se/overlay/etc/knot/conf.d/example.conf
new file mode 100644
index 0000000..0274f47
--- /dev/null
+++ b/dns-rest-api1.sunet.se/overlay/etc/knot/conf.d/example.conf
@@ -0,0 +1,11 @@
+# Example zones, playground for the DNS REST API users
+
+zone:
+    # Primary zones
+  - domain: example.com
+    dnssec-signing: off
+    notify: [ localhost ]
+
+  - domain: example.net
+    dnssec-signing: off
+    notify: [ localhost ]
diff --git a/dns-rest-api1.sunet.se/overlay/etc/knot/conf.d/template.conf b/dns-rest-api1.sunet.se/overlay/etc/knot/conf.d/template.conf
new file mode 100644
index 0000000..ca491ae
--- /dev/null
+++ b/dns-rest-api1.sunet.se/overlay/etc/knot/conf.d/template.conf
@@ -0,0 +1,8 @@
+# Template (copy me)
+# (if non-standard remote:s is to be used, they need to be in specified here)
+#
+#zone:
+#    # Primary zone(s)
+#  - domain: mydomain.com
+#    dnssec-signing: off
+#    notify: [ ns1-sunet-se, sunic-sunet-se, sunic-node1, sunic-node2, sunic-node3 ]
diff --git a/global/overlay/etc/puppet/modules/dns/templates/knot/knot.conf.erb b/global/overlay/etc/puppet/modules/dns/templates/knot/knot.conf.erb
index 07888c2..9c91f6a 100644
--- a/global/overlay/etc/puppet/modules/dns/templates/knot/knot.conf.erb
+++ b/global/overlay/etc/puppet/modules/dns/templates/knot/knot.conf.erb
@@ -17,6 +17,21 @@ database:
 remote:
   - id: localhost
     address: 127.0.0.1@53
+  - id: sunic-sunet-se
+    address: 192.36.125.2@53
+    address: 2001:6b0:7::2@53
+  - id: ns1-sunet-se
+    address: 89.47.185.240@53
+    address: 2001:6b0:5a:4020::384@53
+  - id: sunic-node1
+    address: 130.242.3.49@53
+    address: 2001:6b0:1e:2::22d@53
+  - id: sunic-node2
+    address: 130.242.3.241@53
+    address: 2001:6b0:1e:2::22f@53
+  - id: sunic-node3
+    address: 130.242.3.125@53
+    address: 2001:6b0:1e:2::231@53
 
 template:
   - id: default
@@ -25,12 +40,5 @@ template:
 
 include: conf.d/*.conf
 
-zone:
-    # Primary zones
-  - domain: example.com
-    dnssec-signing: off
-    notify: [ localhost ]
+# All zone:s conf ^^^ should go into that directory
 
-  - domain: example.net
-    dnssec-signing: off
-    notify: [ localhost ]