make dns primary export and keyring host collect firewall rules for the openpgpkey...

[mirror/dsa-puppet.git] / modules / ferm / templates / defs.conf.erb

diff --git a/modules/ferm/templates/defs.conf.erb b/modules/ferm/templates/defs.conf.erb
index ff0b14b..1ec8031 100644 (file)
--- a/modules/ferm/templates/defs.conf.erb
+++ b/modules/ferm/templates/defs.conf.erb
@@ -24,7 +24,7 @@
   allnodeinfo = scope.lookupvar('deprecated::allnodeinfo')
   roles = scope.lookupvar('deprecated::roles')
 
-  %w{mailrelay nagiosmaster extranrpeclient muninmaster postgres_backup_server syncproxy security_master ftp_master historical_master ports_master mirrormaster dns_primary}.each do |role|
+  %w{mailrelay nagiosmaster extranrpeclient muninmaster postgres_backup_server syncproxy security_master ftp_master historical_master ports_master mirrormaster}.each do |role|
     rolehost[role] = []
     roles[role].each do |node|
         next unless allnodeinfo.has_key?(node) and allnodeinfo[node].has_key?('ipHostNumber')
@@ -76,9 +76,6 @@
 @def $HOST_SYNCPROXY_V4 = ($HOST_SYNCPROXY_V4 128.101.240.216              128.31.0.64                 149.20.4.16      209.87.16.40);
 @def $HOST_SYNCPROXY_V6 = ($HOST_SYNCPROXY_V6 2607:ea00:101:3c0b::1deb:216 2603:400a:ffff:bb8::801f:40                  2001:4f8:1:c::16 2607:f8f0:614:1::1274:40);
 
-@def $HOST_DNSPRIMARY_V4 = (<%= scope.function_filter_ipv4([rolehost['dns_primary']]).uniq.join(' ') %>);
-@def $HOST_DNSPRIMARY_V6 = (<%= scope.function_filter_ipv6([rolehost['dns_primary']]).uniq.join(' ') %>);
-@def $HOST_DNSPRIMARY = ($HOST_DNSPRIMARY_V4 $HOST_DNSPRIMARY_V6);
 
 <%
 def getfastlyranges()