projects
/
mirror
/
dsa-puppet.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
stop using virtual resources for ferm::rule
[mirror/dsa-puppet.git]
/
modules
/
roles
/
manifests
/
init.pp
diff --git
a/modules/roles/manifests/init.pp
b/modules/roles/manifests/init.pp
index
b17314f
..
65c23bc
100644
(file)
--- a/
modules/roles/manifests/init.pp
+++ b/
modules/roles/manifests/init.pp
@@
-7,21
+7,12
@@
# include roles
#
class roles {
# include roles
#
class roles {
-
- if has_role('puppetmaster') {
- include puppetmaster
- }
-
if has_role('muninmaster') {
include munin::master
}
if has_role('nagiosmaster') {
if has_role('muninmaster') {
include munin::master
}
if has_role('nagiosmaster') {
- # include nagios::server
- ssl::service { 'nagios.debian.org':
- notify => Exec['service apache2 reload'],
- key => true,
- }
+ include nagios::server
}
# XXX: turn this into a real role
}
# XXX: turn this into a real role
@@
-43,6
+34,10
@@
class roles {
notify => Exec['service apache2 reload'],
key => true,
}
notify => Exec['service apache2 reload'],
key => true,
}
+ ferm::rule { 'dsa-bugs-abusers':
+ prio => "005",
+ rule => "saddr (220.243.135/24 220.243.136/24) DROP",
+ }
}
if has_role('bugs_master') {
ssl::service { 'bugs-devel.debian.org': notify => Exec['service apache2 reload'], key => true, }
}
if has_role('bugs_master') {
ssl::service { 'bugs-devel.debian.org': notify => Exec['service apache2 reload'], key => true, }
@@
-158,7
+153,11
@@
class roles {
}
if has_role('dns_primary') {
}
if has_role('dns_primary') {
- include named::primary
+ include roles::dns_primary
+ }
+
+ if has_role('dns_geo') {
+ include roles::dns_geodns
}
if has_role('weblog_destination') {
}
if has_role('weblog_destination') {
@@
-197,10
+196,6
@@
class roles {
include roles::tracker
}
include roles::tracker
}
- if has_role('buildd_master') {
- include roles::buildd_master
- }
-
if has_role('piuparts') {
include roles::piuparts
}
if has_role('piuparts') {
include roles::piuparts
}
@@
-286,11
+281,15
@@
class roles {
include roles::snapshot_web
}
include roles::snapshot_web
}
+ if has_role('snapshot_shell') {
+ include roles::snapshot_shell
+ }
+
if has_role('veyepar.debian.org') {
if has_role('veyepar.debian.org') {
- ssl::service { 'veyepar.debian.org': notify => Exec['service apache2 reload'], key => true, }
+ include roles::veyepar
}
if has_role('sreview.debian.org') {
}
if has_role('sreview.debian.org') {
- ssl::service { 'sreview.debian.net': notify => Exec['service apache2 reload'], key => true, }
+ include roles::sreview
}
if has_role('debtags') {
}
if has_role('debtags') {
@@
-383,11
+382,7
@@
class roles {
if has_role('alioth_archive') {
include roles::alioth_archive
}
if has_role('alioth_archive') {
include roles::alioth_archive
}
-
- if has_role('kanboard') {
- include apache2
- package {'php-gd': ensure => installed }
- package {'php-pgsql': ensure => installed }
- package {'libapache2-mod-php': ensure => installed }
+ if has_role('anonscm') {
+ include roles::anonscm
}
}
}
}