class named::primary inherits named::authoritative {
include dnsextras::entries
+
+ @ferm::rule { '01-dsa-bind-4':
+ domain => '(ip ip6)',
+ description => 'Allow nameserver access',
+ rule => '&TCP_UDP_SERVICE_RANGE(53, ( $HOST_DNS_GEO $HOST_NAGIOS $HOST_RCODE0 $HOST_EASYDNS $HOST_NETNOD ) )',
+ }
+
+ file { '/etc/bind/named.conf.debian-zones':
+ content => template('named/named.conf.debian-zones.erb'),
+ notify => Service['bind9'],
+ }
+
+ concat::fragment { 'dsa-named-conf-puppet-misc---named.conf.external-secondaries-ACLs':
+ target => '/etc/bind/named.conf.puppet-misc',
+ order => '010',
+ content => template('named/named.conf.external-secondaries-ACLs.erb'),
+ }
+
+ concat::fragment { 'dsa-named-conf-puppet-misc---local-shared-keys':
+ target => '/etc/bind/named.conf.puppet-misc',
+ order => '011',
+ content => @(EOF),
+ include "/etc/bind/named.conf.shared-keys";
+ | EOF
+ }
}