bindcar 0.6.0

HTTP REST API for managing BIND9 zones via rndc
# Changelog

All notable changes to this project will be documented in this file.

## [Unreleased]

### Added
- **DNSSEC Support**: Native support for DNSSEC (DNS Security Extensions) via BIND9 9.16+ policies
  - New `dnssecPolicy` field in `ZoneConfig` to specify DNSSEC policy name
  - New `inlineSigning` field to enable automatic inline signing
  - Full integration with BIND9's `dnssec-policy` and `inline-signing` directives
  - Automatic key generation and management by BIND9
  - Comprehensive DNSSEC documentation in user guide and advanced topics
  - API examples and Rust library usage patterns

### Changed
- Updated `ZoneConfig` struct with optional DNSSEC fields (backward compatible)
- Enhanced zone creation endpoint to support DNSSEC configuration
- Updated all documentation with DNSSEC examples and best practices

### Documentation
- Added comprehensive [DNSSEC Guide]docs/src/advanced/dnssec.md
- Updated [Zone Configuration]docs/src/user-guide/zone-config.md with DNSSEC fields
- Updated [API Reference]docs/src/reference/api-zones.md with DNSSEC examples
- Added DNSSEC examples to code documentation and doctests

## [2025-12-03] - Initial Release

**Author:** Erick Bourgeois

### Added
- HTTP REST API for managing BIND9 zones via rndc commands
- Structured zone configuration with type-safe JSON API
- Support for SOA records, NS records, and all common DNS record types
- Bearer token authentication
- Health check and readiness endpoints
- RNDC executor with async command execution
- Zone file generation from structured configuration
- Comprehensive test coverage

### Features
- **Zone Management**: Create, delete, reload zones
- **Zone Operations**: Freeze, thaw, notify secondaries
- **Status Checks**: Server status and per-zone status
- **Authentication**: ServiceAccount token-based auth
- **Logging**: Structured JSON logging with tracing
- **Security**: Non-root execution, input validation

### Why
Extracted from the [bindy Kubernetes operator](https://github.com/firestoned/bindy) to provide
a standalone HTTP API for BIND9 management that can be used in any environment (Docker, VMs,
bare metal) - not just Kubernetes.

### Impact
- [x] Initial standalone release
- [ ] Breaking change
- [ ] Requires migration