---

knot_interfaces:
  - '0.0.0.0@53'
  - '::@53'

knot_keys:
  - { id: 'rndc-key', algorithm: 'hmac-md5', secret: '{{ vault_rndc_key_secret }}' }

knot_extras: |
  remote:
    - id: slave01
      address: 1.2.3.4
      key: rndc-key
  
  acl:
    - id: acl_slave
      address: [1.2.3.4]
      action: transfer
      key: rndc-key
  
  template:
    - id: default
      storage: "/var/lib/knot"
      file: "%s.zone"
      acl: acl_slave
      notify: [slave01]

knot_zones:
  - { name: 'mydomain.org', file: 'mydomain.org.zone', notify: '[slave01]', acl: 'acl_slave' }