options {
    directory "/var/bind";           # Working directory for BIND
    # pid-file "/var/run/named.pid";   # PID file location, was causing permission errors
    listen-on { 127.0.0.1; any; };   # Listen on localhost and all interfaces
    listen-on-v6 { none; };          # Disable IPv6 listening
    allow-query { any; };            # Allow queries from any client
    recursion yes;                   # Enable recursive queries
    forwarders { 8.8.8.8; 8.8.4.4; }; # Forward unresolved queries to Google DNS
    dnssec-validation no;            # Disable DNSSEC validation
};

include "/etc/bind/keys/tsig.key";

logging {
    channel default_log {
        file "/var/log/named.log";
        severity info;
    };
    category default { default_log; };

    # Add update debugging
    channel update_debug {
        file "/var/log/named/update_debug.log" versions 3 size 100m;
        severity debug;
        print-category yes;
        print-severity yes;
        print-time yes;
    };
    category update { update_debug; };
    category security { update_debug; };
    category database { update_debug; };
};

zone "moeny.internal" {
    type master;
    file "/etc/bind/zones/moeny.internal";
    allow-update { key "tsig-internal"; };
};

zone "." IN {
    type hint;
    file "/etc/bind/root.hints";
};