projects
/
mirror
/
dsa-puppet.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Merge remote-tracking branch 'waldi/rsync-systemd-master'
[mirror/dsa-puppet.git]
/
modules
/
roles
/
manifests
/
rtc.pp
diff --git
a/modules/roles/manifests/rtc.pp
b/modules/roles/manifests/rtc.pp
index
7543670
..
7382d18
100644
(file)
--- a/
modules/roles/manifests/rtc.pp
+++ b/
modules/roles/manifests/rtc.pp
@@
-1,9
+1,20
@@
class roles::rtc {
class roles::rtc {
- ssl::service { 'www.debian.org':
+ ssl::service { 'debian.org':
+ tlsaport => [],
+ notify => Service['repro'],
+ key => true,
}
ssl::service { 'sip-ws.debian.org':
}
ssl::service { 'sip-ws.debian.org':
+ key => true,
+ }
+
+ dnsextras::tlsa_record{ 'tlsa-xmpp':
+ zone => 'debian.org',
+ certfile => "/etc/puppet/modules/ssl/files/servicecerts/www.debian.org.crt",
+ port => [5061, 5222, 5269],
+ hostname => $::fqdn,
}
@ferm::rule { 'dsa-xmpp-client-ip4':
}
@ferm::rule { 'dsa-xmpp-client-ip4':
@@
-81,4
+92,8
@@
class roles::rtc {
file { '/etc/monit/monit.d/50rtc':
ensure => absent,
}
file { '/etc/monit/monit.d/50rtc':
ensure => absent,
}
+
+ service { 'repro':
+ ensure => running,
+ }
}
}