From 9df741b0402c6f62aae86807e1e67a31307c5805 Mon Sep 17 00:00:00 2001
From: notplants <max@mfowler.info>
Date: Tue, 11 Jan 2022 16:35:54 -0500
Subject: [PATCH] Switch to using allow-update

---
 README.md            | 21 ++++++++++++++++++++-
 src/generate_zone.rs | 18 +++++++++++++++---
 2 files changed, 35 insertions(+), 4 deletions(-)

diff --git a/README.md b/README.md
index 0c992b6..4aca3c6 100644
--- a/README.md
+++ b/README.md
@@ -44,7 +44,7 @@ curl -X POST -H "Content-Type: application/json" -d '{"jsonrpc": "2.0", "method"
 
 
 
-test peach-bind9 is running,
+# test peach-bind9 is running,
 ```
 # this returns version of bind running
 dig -t txt -c chaos VERSION.BIND @IP_ADDRESS_OF_SERVER 
@@ -56,4 +56,23 @@ nslookup blue.dyn.peachcloud.org YOUR_SERVER_IP_ADDRESS
 nslookup blue.dyn.peachcloud.org ns.peachcloud.org
 ```
 
+# test nsupdate is working 
+
+``` 
+/usr/bin/nsupdate -k /var/lib/peachcloud/peach-dyndns/tsig.key -v <<EOF
+server ns.peachcloud.org
+zone bluemirage889.dyn.peachcloud.org
+update delete bluemirage889.dyn.peachcloud.org
+update add bluemirage889.dyn.peachcloud.org 30 A 174.76.52.101
+send
+EOF
+```
+``` 
+cat <<EOF |  /usr/bin/nsupdate -k /var/lib/peachcloud/peach-dyndns/tsig.key -v 
+server ns.peachcloud.org
+zone bluemirage889.dyn.peachcloud.org
+update delete bluemirage889.dyn.peachcloud.org
+update add bluemirage889.dyn.peachcloud.org 30 A 174.76.52.101
+send
+EOF
 ```
diff --git a/src/generate_zone.rs b/src/generate_zone.rs
index 475319d..db91eb9 100644
--- a/src/generate_zone.rs
+++ b/src/generate_zone.rs
@@ -100,14 +100,26 @@ pub fn generate_zone(full_domain: &str) -> Result<String, PeachDynDnsError> {
         .append(true)
         .open(bind_conf_path)
         .unwrap_or_else(|_| panic!("failed to open {}", bind_conf_path));
+    // this commented out section, with update-policy stopped working
+    // so we are now using allow-update
+    // let zone_section_text = format!(
+    //     "\
+    //     zone \"{full_domain}\" {{
+    //         type master;
+    //         file \"/var/lib/bind/{full_domain}\";
+    //         update-policy {{
+	//             grant {full_domain} self {full_domain};
+    //         }};
+    //     }};
+    // ",
+    //     full_domain = full_domain
+    // );
     let zone_section_text = format!(
         "\
         zone \"{full_domain}\" {{
             type master;
             file \"/var/lib/bind/{full_domain}\";
-            update-policy {{
-	            grant {full_domain} self {full_domain};
-            }};
+            allow-update {key "{full_domain}";};
         }};
     ",
         full_domain = full_domain