configpolicy/host_vars/dns0.pyrocufflink.blue.yml

pyrocufflink_red_zones:
- zone: pyrocufflink.red
  type: master
  default_records:
  - name:
    value: 172.30.0.4
  - name:
    type: AAAA
    value: 2605:6000:3ccc:fb00::4:1
  allow_update:
  - '{ !{ !172.30.0.4; any; }; key dhcp-ddns; }'
  - '{ !{ !localhost; any; }; key local-ddns; }'
  ttl: 30
- zone: 1.31.172.in-addr.arpa
  type: master
  allow_update:
  - '{ !{ !172.30.0.4; any; }; key dhcp-ddns; }'
  - '{ !{ !localhost; any; }; key local-ddns; }'
  ttl: 30

rpz_zones:
- zone: blackhole.rpz
  type: master

named_keys:
- name: dhcp-ddns
  algorithm: hmac-md5
  secret: +0zVSpY8oFrxl2F1qB8tT2HMgbuD31JurL9w4zilNCg=