os-bind: RNDC key file separation

**Important notices**
Before you add a new report, we ask you kindly to acknowledge the following:

- [x] I have read the contributing guide lines at https://github.com/opnsense/plugins/blob/master/CONTRIBUTING.md
- [x] I have searched the existing issues, open and closed, and I'm convinced that mine is new.
- [x] When the request is meant for an existing plugin, I've added its name to the title.

**Is your feature request related to a problem? Please describe.**

Presently, the Bind RNDC key is stored alongside some RNDC options in `/usr/local/etc/namedb/rndc.conf`.
This is incompatible with `nsupdate`, which can otherwise use the key in that format, but not with the options in the same file.
This makes configuring DDclient trickier.

**Describe the solution you'd like**

Pull the `key` section out into another, distinct file (probably `rndc.conf.key`), and then just `include` it in `rndc.conf`.

**Describe alternatives you've considered**

- Manually copy the key out to another file every time the secret changes.
- Make a hook script to do the above.

**Additional context**

<img width="752" height="477" alt="Image" src="https://github.com/user-attachments/assets/433a9f0f-bdb9-4636-9b7e-3994c76eec9e" />

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

os-bind: RNDC key file separation #5106

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

os-bind: RNDC key file separation #5106

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions