transition grnet cluster to new lvm config

[mirror/dsa-puppet.git] / modules / named / manifests / geodns.pp

diff --git a/modules/named/manifests/geodns.pp b/modules/named/manifests/geodns.pp
index 649268a..d9684f3 100644 (file)
--- a/modules/named/manifests/geodns.pp
+++ b/modules/named/manifests/geodns.pp
@@ -18,10 +18,6 @@ class named::geodns inherits named {
                ensure => directory,
                mode   => '0755',
        }
-       file { '/etc/bind/named.conf.options':
-               content => template('named/named.conf.options.erb'),
-               notify  => Service['bind9'],
-       }
        file { '/etc/bind/named.conf.local':
                source => 'puppet:///modules/named/common/named.conf.local',
                notify  => Service['bind9'],
@@ -63,4 +59,10 @@ class named::geodns inherits named {
                        @reboot geodnssync sleep 1m && /etc/bind/geodns/trigger > /dev/null
                        | EOF
        }
+
+       @ferm::rule { '01-dsa-bind':
+               domain      => '(ip ip6)',
+               description => 'Allow nameserver access',
+               rule        => '&TCP_UDP_SERVICE(53)'
+       }
 }