projects / mirror / dsa-puppet.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
move 3rd party nameserver info from the ferm template to hiera, retire geodns old...
[mirror/dsa-puppet.git] / hieradata / common.yaml
diff --git a/hieradata/common.yaml b/hieradata/common.yaml
index 57ce7a5..c8c0fb8 100644 (file)
--- a/hieradata/common.yaml
+++ b/hieradata/common.yaml
@@ -13,6 +13,22 @@ resolv::searchpaths: ['debian.org']
 staticsync::user: 'staticsync'
 staticsync::basedir: '/srv/static.debian.org'
 
+roles::dns_primary::allow_access:
+  # easydns
+  - '64.68.200.91'
+  - '205.210.42.80'
+  # rcode0
+  - '83.136.34.0/27'
+  - '2a02:850:8::/47'
+  # netnod
+  - '192.71.80.0/24'
+  - '192.36.144.222'
+  - '192.36.144.218'
+  - '194.146.105.24'
+  - '194.146.105.25'
+  - '2a01:3f0:0:27::24'
+  - '2a01:3f0:0:28::25'
+
 # other variables
 allow_dns_query: []
 role_config__mirrors:
@@ -39,11 +55,6 @@ roles:
   dns_primary:
     # XXX - used by ferm templates/defs.conf.erb
     - denis.debian.org
-  dns_geo:
-    # XXX - used by ferm templates/defs.conf.erb
-    - geo1.debian.org
-    - geo2.debian.org
-    - geo3.debian.org
   extranrpeclient:
     # XXX - used by ferm templates/defs.conf.erb
     - denis.debian.org
Unnamed repository; edit this file 'description' to name the repository.