switch weblogsync to other ssh facter
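--- a/modules/named/manifests/geodns.pp
+++ b/modules/named/manifests/geodns.pp
@@ -7,13 +7,6 @@ class named::geodns inherits named {
  ensure => installed,
  }
 
- #site::aptrepo { 'geoip':
- # url => 'http://db.debian.org/debian-admin',
- # suite => 'lenny-bind-geoip',
- # components => 'main',
- #}
- site::aptrepo { 'geoip': ensure => absent }
-
  file { '/etc/bind/':
  ensure => directory,
  group => bind,
@@ -25,10 +18,6 @@ class named::geodns inherits named {
  ensure => directory,
  mode => '0755',
  }
- file { '/etc/bind/named.conf.options':
- content => template('named/named.conf.options.erb'),
- notify => Service['bind9'],
- }
  file { '/etc/bind/named.conf.local':
  source => 'puppet:///modules/named/common/named.conf.local',
  notify => Service['bind9'],
@@ -58,16 +47,17 @@ class named::geodns inherits named {
  mode => '0555',
  source => 'puppet:///modules/named/common/trigger',
  }
- file { '/etc/ssh/userkeys/geodnssync':
- source => 'puppet:///modules/named/common/authorized_keys',
- group => geodnssync,
- mode => '0440',
- }
  file { '/etc/cron.d/dsa-boot-geodnssync': ensure => absent; }
- concat::fragment { 'dsa-puppet-stuff--geodns-boot':
- target => '/etc/cron.d/dsa-puppet-stuff',
+ concat::fragment { 'puppet-crontab--geodns-boot':
+ target => '/etc/cron.d/puppet-crontab',
  content => @(EOF)
  @reboot geodnssync sleep 1m && /etc/bind/geodns/trigger > /dev/null
  | EOF
  }
+
+ ferm::rule { '01-dsa-bind':
+ domain => '(ip ip6)',
+ description => 'Allow nameserver access',
+ rule => '&TCP_UDP_SERVICE(53)'
+ }
  }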
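Review bot: Dropping the `file { '/etc/ssh/userkeys/geodnssync': ... }` resource in the third hunk only stops Puppet from managing that path; on hosts that already have the file, the old authorized_keys content stays on disk and may still authorise logins as geodnssync. The neighbouring context line retires the old cron file explicitly with `ensure => absent`, and the key file deserves the same treatment unless another resource not visible here now writes it. If nothing else owns the path, add `file { '/etc/ssh/userkeys/geodnssync': ensure => absent }`; if something does, a one-line comment naming it would save the next reader the search. Separately, the new `ferm::rule { '01-dsa-bind': ... }` opens port 53 on both address families in the same change that stops managing `/etc/bind/named.conf.options` in this class. Presumably the parent `named` class now supplies that file, but it is worth confirming that the recursion and query ACL settings are still applied on these hosts.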