Basic setup of BIND is handled by the Puppet class hcoop::service::bind9.
1. New Nameserver
When adding a new nameserver to hcoop.net, or changing the values of ns.hcoop.net, update the glue records at our registrar. Otherwise, hcoop.net may stop resolving.
We're using the stock Debian bind9 configuration. You'll need to open the domain input port, and allow output port 953 on localhost so that rndc can control BIND.
3. Filesystem layout
BIND data lives in /etc/bind. This directory is seeded with the default files from the Debian bind9 package. Additionally, we add a zones subdirectory.
DomTool periodically deposits /etc/bind/named.conf.local, listing all of our hosted DNS zones and their master/slave statuses and configuration. DomTool also populates /etc/bind/zones with zonefiles referenced by /etc/bind/named.conf.local on any master servers.
/etc/bind/zones must be owned by user bind so that it can modify/create slave zone files.
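A quick audit of the layout described above, as an added example (not part of DomTool or the HCoop Puppet class). The function name check_bind_layout, its output labels, and the assumption that each master zone's file path in named.conf.local is absolute are all hypothetical.

```shell
#!/bin/sh
# Added example: audit the layout described above. Not HCoop's own tooling.
# Usage: check_bind_layout [BIND_DIR] [OWNER]
# Prints one line per problem; returns non-zero if any problem was found.
check_bind_layout() {
    bind_dir=${1:-/etc/bind}
    owner=${2:-bind}
    conf="$bind_dir/named.conf.local"
    zones="$bind_dir/zones"
    rc=0

    # The zones directory must belong to the BIND user so that slave zone
    # files can be created and rewritten there.
    if [ ! -d "$zones" ]; then
        echo "MISSING-DIR $zones"; rc=1
    else
        actual=$(ls -ld "$zones" | awk '{print $3}')   # third column = owner
        if [ "$actual" != "$owner" ]; then
            echo "BAD-OWNER $zones owner=$actual expected=$owner"; rc=1
        fi
    fi

    if [ ! -r "$conf" ]; then
        echo "MISSING-CONF $conf"; return 1
    fi

    # Collect the file path of every "type master" zone. Slave zone files are
    # skipped because BIND creates them itself on the first transfer.
    # Assumption: each zone's file path is absolute.
    missing=$(awk '
        function emit() { if (type == "master" && file != "") print file
                          type = ""; file = "" }
        /^[ \t]*zone[ \t]/     { emit() }
        /type[ \t]+master/     { type = "master" }
        /type[ \t]+slave/      { type = "slave" }
        match($0, /file[ \t]+"[^"]*"/) {
            file = substr($0, RSTART, RLENGTH)
            sub(/^file[ \t]+"/, "", file); sub(/"$/, "", file)
        }
        END { emit() }
    ' "$conf" | while IFS= read -r f; do
        [ -f "$f" ] || echo "MISSING-ZONEFILE $f"
    done)
    if [ -n "$missing" ]; then echo "$missing"; rc=1; fi
    return $rc
}
```

Run it with no arguments on a nameserver to check /etc/bind against user bind; a master zone listed in named.conf.local without its zonefile, or a zones directory owned by another user, shows up as one line each.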