From 040e719506a23e33278ee498fcba327728a9e703 Mon Sep 17 00:00:00 2001
From: Alex Dehnert <alex@dehnerts.com>
Date: Thu, 27 Jul 2023 13:18:13 -0400
Subject: [PATCH] Continue swapping DNS primary over to chankillo

---
 config/dyndehnerts-secondary.conf |  8 ++++++++
 named.conf.local                  |  2 +-
 named.conf.olinda                 | 22 +---------------------
 3 files changed, 10 insertions(+), 22 deletions(-)
 create mode 100644 config/dyndehnerts-secondary.conf

diff --git a/config/dyndehnerts-secondary.conf b/config/dyndehnerts-secondary.conf
new file mode 100644
index 0000000..dad5d9f
--- /dev/null
+++ b/config/dyndehnerts-secondary.conf
@@ -0,0 +1,8 @@
+zone "dynamic.dehnerts.com" IN {
+        // secondary is equivalent, starting in bind-9.15.8
+        // https://github.com/isc-projects/bind9/commit/79c2400d91b818e66a45494784cea17f46e807f2
+        type slave;
+        file "/var/lib/bind/dynamic.dehnerts.zone";
+        masters { "primary-ns"; };
+        allow-query { any; };
+};
diff --git a/named.conf.local b/named.conf.local
index c42339d..fd8724f 100644
--- a/named.conf.local
+++ b/named.conf.local
@@ -38,7 +38,7 @@ acl "transfer-allowed" {
 };
 
 masters "primary-ns" {
-	18.18.208.12;   // olinda
+	18.18.208.22;   // chankillo
 };
 
 masters "secondary-ns" {
diff --git a/named.conf.olinda b/named.conf.olinda
index cdf1537..4f8db2b 100644
--- a/named.conf.olinda
+++ b/named.conf.olinda
@@ -1,21 +1 @@
-include "/etc/bind/pri/dynamic.keys";
-
-zone "dynamic.dehnerts.com" IN {
-	type master;
-	file "/etc/bind/dyn/dynamic.zone";
-	update-policy {
-            grant * selfsub * A TXT;
-            grant adehnert-pi4.dynamic.dehnerts.com name _acme-challenge.duck-dacha.dynamic.dehnerts.com TXT;
-            grant adehnert-pi4.dynamic.dehnerts.com name _acme-challenge.homeassistant.dynamic.dehnerts.com TXT;
-            grant adehnert-pi4.dynamic.dehnerts.com name _acme-challenge.pihole.dynamic.dehnerts.com TXT;
-            grant adehnert-pi4.dynamic.dehnerts.com name _acme-challenge.unifi.dynamic.dehnerts.com TXT;
-            grant xidi.dynamic.dehnerts.com name _acme-challenge.duck-dacha.dynamic.dehnerts.com TXT;
-            grant xidi.dynamic.dehnerts.com name _acme-challenge.homeassistant.dynamic.dehnerts.com TXT;
-            grant xidi.dynamic.dehnerts.com name _acme-challenge.pihole.dynamic.dehnerts.com TXT;
-            grant xidi.dynamic.dehnerts.com name _acme-challenge.unifi.dynamic.dehnerts.com TXT;
-            grant adehnert-test-d.dynamic.dehnerts.com name _acme-challenge.squaresdb.dynamic.dehnerts.com TXT;
-        };
-	allow-transfer { "transfer-allowed"; };
-	allow-query { any; };
-	also-notify { "secondary-ns"; };
-};
+include "/etc/bind/config/dyndehnerts-secondary.conf";
-- 
2.34.1