From e894be0e1ae3529c24b6d2b3d19e59074802b35a Mon Sep 17 00:00:00 2001
From: Franco Fichtner <franco@opnsense.org>
Date: Thu, 19 Sep 2024 15:21:53 +0100
Subject: [PATCH] dns/bind: light refactor for better diff

---
 dns/bind/Makefile                                  |  3 +--
 dns/bind/pkg-descr                                 |  4 ++++
 .../service/templates/OPNsense/Bind/named.conf     | 14 +++++++-------
 3 files changed, 12 insertions(+), 9 deletions(-)

diff --git a/dns/bind/Makefile b/dns/bind/Makefile
index ad9f68174..b903a0bc5 100644
--- a/dns/bind/Makefile
+++ b/dns/bind/Makefile
@@ -1,6 +1,5 @@
 PLUGIN_NAME=		bind
-PLUGIN_VERSION=		1.32
-PLUGIN_REVISION=	1
+PLUGIN_VERSION=		1.33
 PLUGIN_COMMENT=		BIND domain name service
 PLUGIN_DEPENDS=		bind918
 PLUGIN_MAINTAINER=	m.muenz@gmail.com
diff --git a/dns/bind/pkg-descr b/dns/bind/pkg-descr
index c03a02f2b..a4e2f5250 100644
--- a/dns/bind/pkg-descr
+++ b/dns/bind/pkg-descr
@@ -9,6 +9,10 @@ WWW: https://www.isc.org
 Plugin Changelog
 ================
 
+1.33
+
+* Add option to allow the rndc-key for zone transfers (contributed by Naomi Rennie-Waldock)
+
 1.32
 
 * Fix handling of multiple ACLs in allow-query/allow-transfer (contributed by Nathan Rennie-Waldock)
diff --git a/dns/bind/src/opnsense/service/templates/OPNsense/Bind/named.conf b/dns/bind/src/opnsense/service/templates/OPNsense/Bind/named.conf
index 00bf5afbb..6b833e19a 100644
--- a/dns/bind/src/opnsense/service/templates/OPNsense/Bind/named.conf
+++ b/dns/bind/src/opnsense/service/templates/OPNsense/Bind/named.conf
@@ -166,15 +166,15 @@ zone "{{ domain.domainname }}" {
 {%       endif %}
 {%      if domain.allowtransfer is defined or (domain.allowrndctransfer is defined and domain.allowrndctransfer == "1") %}
         allow-transfer {
-{%              if domain.allowrndctransfer is defined and domain.allowrndctransfer == "1" %}
+{%          if domain.allowrndctransfer is defined and domain.allowrndctransfer == "1" %}
                 key "rndc-key";
-{%              endif %}
-{%              if domain.allowtransfer is defined %}
-{%                for acl in domain.allowtransfer.split(',') %}
-{%                  set transfer_acl = helpers.getUUID(acl) %}
+{%          endif %}
+{%          if domain.allowtransfer is defined %}
+{%              for acl in domain.allowtransfer.split(',') %}
+{%              set transfer_acl = helpers.getUUID(acl) %}
                 {{ transfer_acl.name }};
-{%                endfor %}
-{%              endif %}
+{%              endfor %}
+{%          endif %}
         };
 {%      endif %}
 {%      if domain.allowquery is defined %}