kind: compose metadata: name: BIND9 description: 'BIND9 is the most widely used DNS server on the Internet. This template provides an authoritative and recursive DNS server with example zones, TSIG authentication for secure zone transfers, and DNSSEC support. ## References * **Project:** https://www.isc.org/bind/ * **Documentation:** https://bind9.readthedocs.io/' version: 9.20-24.10_edge author: Christian Lempa date: '2025-10-02' tags: - network - volume icon: provider: selfh id: bind-9 draft: true schema: '1.2' spec: dns_security: title: dns_security vars: dnssec_enabled: description: Enable DNSSEC type: bool toggle: dnssec_enabled description: Configure DNSSEC signing dns_zone: title: dns_zone vars: domain_name: description: Primary domain name type: str default: home.arpa tsig_enabled: description: Enable TSIG type: bool tsig_key_secret: description: TSIG key secret type: str sensitive: true autogenerated: true needs: - tsig_enabled=true toggle: tsig_enabled description: Configure TSIG authentication for zone transfers network: null volume: vars: volume_mode: type: enum options: - local - mount - nfs default: local required: true volume_mount_path: type: str default: /mnt/storage needs: - volume_mode=mount required: true volume_nfs_server: type: str default: 192.168.1.1 needs: - volume_mode=nfs required: true volume_nfs_path: type: str default: /export needs: - volume_mode=nfs required: true volume_nfs_options: type: str default: rw,nolock,soft needs: - volume_mode=nfs required: true general: vars: service_name: default: bind9 container_hostname: type: str container_timezone: type: str restart_policy: type: enum options: - unless-stopped - always - on-failure - 'no' default: unless-stopped required: true