- The defined type parameter
dnssechas been renamed todnssec_enableto match the main class parameter. - All DNSSEC related zone parameters have been made optional. The config parameter
dnssec-enablehas been made obsolete with Bind 9.16 so that is no longer a prerequisite to activate other config options in the template. Make sure your Puppet code defines all parameters for your DNSSEC enabled primary zones. - A primary zone using dynamic updates can now have a
contentorsourceparameter. The content of the zone file is created if the file does not exist. Subsequent puppet runs will not update the zone file as long as dynamic updates are used and the parameterupdate_policyis set for the zone.
- A syntax error with the in-view option has been fixed.
- The path to the
named-checkzonebinary is a class option now.
- The default for
root_hints_enablehas been changed fromtruetofalse. Normally a root hints file is no longer used since Bind includes an internal list of root name servers.
- Fix path of options file on Debian-11.
- The class
bind::rate_limithas been removed. All rate limit settings can be configured using the main classbind.
- Implement
update-policyfor primary zones to manage dynamic zones.
- Drop Debian 9 support
- Add defined type
bind::dnssec_policy.
- Add explicit class parameter
dnssec_lookaside. - Add explicit class parameter
dnssec_validation. - The parameters
dnssec_enableanddnssec_lookasideare obsolete with Bind 9.16.0 or later. They will be removed from the configuration file when a applicable Bind version is detected.
- Allow stdlib 8.0.0
- Implement
custom_optionsparameter to set unusual configuration options that are not implemented in the main class.
- Implement
purge,prepublish,revokeandretireparameters fordnssec_keytype. - Implement user defined logfile mode for defined type
bind::logging::channel_file.
Initial release