bind:
  lookup:
    pkgs:
      - bind
    service: named

bind:
  config:
    tmpl: salt://bind/files/debian/named.conf
    user: root
    group: named
    mode: 640
    options:
      allow-recursion: '{ any; };'  # Never include this on a public resolver

   # force bind to serve only one IP protocol (ipv4: 4, ipv6: 6). omitting this reverts to binds default of both.
   protocol: 4

bind:
  keys:
    "core_dhcp":
      secret: "YourSecretKey"
  configured_zones:
    sub.domain.com:
      type: master
      notify: False
    1.168.192.in-addr.arpa:
      type: master
      notify: False
      allow-transfer:
        - 1.1.1.1
        - 2.2.2.2 
    dynamic.domain.com:
      type: master
      allow-update: "key core_dhcp"
      notify: True 
  configured_views:
    myview1:
      match_clients:
        - client1
        - client2
      configured_zones:
        my.zone:
          type: master
          notify: False
          update_policy:
            - "grant core_dhcp name dns_entry_allowed_to_update. ANY"

bind:
  available_zones:
    sub.domain.org:
      file: db.sub.domain.org
      masters: "192.168.0.1;"