# PowerDNS All configuration is to be placed inside the `powerdns` dict. ``` # key:value of config values config: "allow-axfr-ips": - ::1 - 127.0.0.0/8 "bind-config": /etc/powerdns/backends/bind.conf "config-dir": /etc/powerdns "daemon": "yes" "default-ttl": 3600 "guardian": "yes" "include-dir": "/etc/powerdns/pdns.d" "launch": bind: {} "master": "no" "reuseport": "yes" "setgid": pdns "setuid": pdns "slave": "no" "soa-minimum-ttl": 300 "tcp-control-secret": "{{ lookup('password', '/dev/null length=64') }}" "version-string": "1" # name: *zonemeta*, define meta data for zones. See below for definition zonemeta: {} # defaults for zone metadata, See **zonemeta** for definition. zonemeta_defaults: type: native "allow-query": - any "allow-update": - none "allow-transfer": - none "slaves": - none # name: **zone**, define all dns zones. See below for definition. zones: {} ``` **zonemeta** ``` # Can be master/slave/native # See https://doc.powerdns.com/authoritative/backends/bind.html#master-slave-native-configuration type: native "allow-query": - any "allow-update": - none "allow-transfer": - none "slaves": - none ``` ## zone** The basic format is `: { : [, ] }` It is possible to do short hand notations: * If there is only a single value for an entry, you can omit the array and use ``: { : }` * YAML anchors and merges are recommend for situations where a `CNAME` is not possible * You can use hierachy to shorten paths. If you have `foo.example.com` and 'bar.example.com' you could write ``` "example.com.": foo: A: 1.1.1.1 bar: A: 1.1.1.1 ``` For the `SOA` record, `##sequence##` is replaced by a generated sqeuence number. Example for a zone: ``` "example.de": SOA: "ns.example.de zonefile.example.de ##sequence## 1d 2h 4w 1h" CAA: 0 issue "letsencrypt.org" NS: - ns0.example.de - ns1.example.de ns: CNAME: ns0.example.de. ns0: A: 1.1.1.1 AAAA: ::5 git: A: - 2.2.2.2 - 3.3.3.3 AAAA: ::6 ```