I would like to separate out the opendkim default.txt from the zone file and have it included in named.conf instead. I'm a little bit confused about which approach I should use and which is the correct one.
Normal approach:
named.conf
zone "mydomain.com" IN {
type master;
file "/var/named/data/mydomain.com.zone";
};
mydomain.com.zone
; zone file for mydomain.com
$ORIGIN mydomain.com.
$TTL 86400
mydomain.com. 86400 IN SOA mydomain.com. soa.mydomain.com. (
2012010101 ; Serial
86400 ; Refresh
7200 ; Retry
86400 ; Expire
86400 ) ; TTL
;
mydomain.com. 86400 IN NS ns1.mydnsdomain.com.
mydomain.com. 86400 IN NS ns2.mydnsdomain.com.
mydomain.com. 86400 IN A 1.2.3.4
mydomain.com. 86400 IN MX 0 mydomain.com.
mydomain.com. 86400 IN TXT "v=spf1 a mx ?all"
www 86400 IN CNAME mydomain.com.
ns1 86400 IN A 1.2.3.4
ns2 86400 IN A 1.2.3.4
default._domainkey IN TXT ( "v=DKIM1; k=rsa; "
"p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2VtDlIkIZXHbt5f6fFlwB2bVfYkFI44WvIx+Xx0/oqlxCAaKCkHmlYrLkqamuI/Flm51U/Yht5z1CEbQs/YdVXXkryROGuN4+5G5TR89x4zd7RX+SqODYqeYlrG5V1fQM1WFS42ei9zlDmslK7JJrlOQrs8jYbvQoV39cQuIUNwIDAQAB" ) ; ----- DKIM key default for mydomain.com
1st approach:
named.conf
zone "mydomain.com" IN {
type master;
file "/var/named/data/mydomain.com.zone";
file "/etc/opendkim/keys/mydomain.com/default.txt";
};
mydomain.com.zone
; zone file for mydomain.com
$ORIGIN mydomain.com.
$TTL 86400
mydomain.com. 86400 IN SOA mydomain.com. soa.mydomain.com. (
2012010101 ; Serial
86400 ; Refresh
7200 ; Retry
86400 ; Expire
86400 ) ; TTL
;
mydomain.com. 86400 IN NS ns1.mydnsdomain.com.
mydomain.com. 86400 IN NS ns2.mydnsdomain.com.
mydomain.com. 86400 IN A 1.2.3.4
mydomain.com. 86400 IN MX 0 mydomain.com.
mydomain.com. 86400 IN TXT "v=spf1 a mx ?all"
www 86400 IN CNAME mydomain.com.
ns1 86400 IN A 1.2.3.4
ns2 86400 IN A 1.2.3.4
default.txt
default._domainkey IN TXT ( "v=DKIM1; k=rsa; "
"p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2VtDlIkIZXHbt5f6fFlwB2bVfYkFI44WvIx+Xx0/oqlxCAaKCkHmlYrLkqamuI/Flm51U/Yht5z1CEbQs/YdVXXkryROGuN4+5G5TR89x4zd7RX+SqODYqeYlrG5V1fQM1WFS42ei9zlDmslK7JJrlOQrs8jYbvQoV39cQuIUNwIDAQAB" ) ; ----- DKIM key default for mydomain.com
2nd approach:
named.conf
zone "mydomain.com" IN {
type master;
file "/var/named/data/mydomain.com.zone";
};
mydomain.com.zone
; zone file for mydomain.com
$ORIGIN mydomain.com.
$INCLUDE "/etc/opendkim/keys/mydomain.com/default.txt" ; <-- guessing
$TTL 86400
mydomain.com. 86400 IN SOA mydomain.com. soa.mydomain.com. (
2012010101 ; Serial
86400 ; Refresh
7200 ; Retry
86400 ; Expire
86400 ) ; TTL
;
mydomain.com. 86400 IN NS ns1.mydnsdomain.com.
mydomain.com. 86400 IN NS ns2.mydnsdomain.com.
mydomain.com. 86400 IN A 1.2.3.4
mydomain.com. 86400 IN MX 0 mydomain.com.
mydomain.com. 86400 IN TXT "v=spf1 a mx ?all"
www 86400 IN CNAME mydomain.com.
ns1 86400 IN A 1.2.3.4
ns2 86400 IN A 1.2.3.4
default.txt
default._domainkey IN TXT ( "v=DKIM1; k=rsa; "
"p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2VtDlIkIZXHbt5f6fFlwB2bVfYkFI44WvIx+Xx0/oqlxCAaKCkHmlYrLkqamuI/Flm51U/Yht5z1CEbQs/YdVXXkryROGuN4+5G5TR89x4zd7RX+SqODYqeYlrG5V1fQM1WFS42ei9zlDmslK7JJrlOQrs8jYbvQoV39cQuIUNwIDAQAB" ) ; ----- DKIM key default for mydomain.com
Or is there any better way to do this instead of just including the default.txt content in the domain zone file?
Thanks!
The second approach is the correct way to use include files. I'm pretty sure that multiple file lines within a zone declaration (i.e. your first example) will end up generating an error.
Be advised:
If the named process is operating in a chrooted setup, the absolute path in the $INCLUDE will need to be relative to the chroot (like existing zone files).
$ directives only affect how the file is loaded into memory for the current server; when a zone transfer is requested, the zone as it's loaded into memory is what gets transferred.
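A pre-flight check for the two caveats in the answer above, as an added example that is not part of the original question or answer: it expands $INCLUDE the way a chrooted named would resolve the path, then confirms the DKIM TXT record is present in the loaded zone and its p= tag decodes. The function names (expand_includes, dkim_public_key, demo) are hypothetical, only absolute $INCLUDE paths are handled, and the key and directory tree are constructed sample data.

```python
import base64, os, re, tempfile

def expand_includes(zone_path, chroot):
    """Expand $INCLUDE lines, resolving absolute paths inside named's chroot."""
    out = []
    with open(zone_path) as fh:
        for line in fh:
            m = re.match(r'\$INCLUDE\s+"?([^"\s;]+)"?', line)
            if not m:
                out.append(line.rstrip("\n"))
                continue
            # A chrooted named sees "/etc/..." as <chroot>/etc/... on the host.
            target = os.path.join(chroot, m.group(1).lstrip("/"))
            if not os.path.isfile(target):
                raise FileNotFoundError(f"{m.group(1)} missing under {chroot}")
            out.extend(expand_includes(target, chroot))
    return out

def dkim_public_key(lines, selector="default"):
    """Join the quoted TXT chunks for the selector and decode the p= tag."""
    pat = rf'^{re.escape(selector)}\._domainkey\s+IN\s+TXT\s+\((.*?)\)'
    m = re.search(pat, "\n".join(lines), re.S | re.M)
    if not m:
        raise LookupError(f"no DKIM TXT record for selector {selector}")
    record = "".join(re.findall(r'"([^"]*)"', m.group(1)))
    tags = dict(t.strip().split("=", 1) for t in record.split(";") if "=" in t)
    return base64.b64decode(tags["p"], validate=True)

def demo():
    """Build a constructed chroot tree (sample data) and run both checks."""
    key = base64.b64encode(b"constructed sample key bytes").decode()
    chroot = tempfile.mkdtemp()
    files = {
        "var/named/data/mydomain.com.zone":
            '$ORIGIN mydomain.com.\n$TTL 86400\n'
            '$INCLUDE "/etc/opendkim/keys/mydomain.com/default.txt"\n',
        "etc/opendkim/keys/mydomain.com/default.txt":
            f'default._domainkey IN TXT ( "v=DKIM1; k=rsa; "\n\t"p={key}" ) ; constructed\n',
    }
    for rel, body in files.items():
        path = os.path.join(chroot, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as fh:
            fh.write(body)
    zone = os.path.join(chroot, "var/named/data/mydomain.com.zone")
    lines = expand_includes(zone, chroot)
    return chroot, lines, dkim_public_key(lines)

if __name__ == "__main__":
    print(demo()[2])
```

Pointing the chroot argument at a tree that lacks the key file raises FileNotFoundError, which is the failure the chroot caveat describes.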