---
# Split-horizon DNS configuration for CoreDNS
# This allows different DNS responses for internal vs external domains
apiVersion: v1
kind: ConfigMap
metadata:
  name: coredns-custom
  namespace: kube-system
data:
  internal-zones.server: |
    # Internal zone configuration for *.internal.${DOMAIN}
    internal.${DOMAIN} {
      errors
      log
      hosts {
        192.168.8.240 example-admin.internal.${DOMAIN}
        192.168.8.240 dashboard.internal.${DOMAIN}
        192.168.8.241 test.internal.${DOMAIN}
        fallthrough
      }
      cache 30
      # Use kubernetes service discovery for internal services
      kubernetes cluster.local {
        pods insecure
        fallthrough in-addr.arpa ip6.arpa
      }
      # Forward to Google DNS if not found locally
      forward . 8.8.8.8 8.8.4.4
    }
  
  external-zones.server: |
    # External zone configuration for *.${DOMAIN}
    ${DOMAIN} {
      errors
      log
      cache 30
      # For external services, forward to Cloudflare for correct public resolution
      forward . 1.1.1.1 8.8.8.8 {
        max_concurrent 1000
      }
    }