and apache module

[mirror/dsa-puppet.git] / modules / named / manifests / init.pp

diff --git a/modules/named/manifests/init.pp b/modules/named/manifests/init.pp
index 5d2e250..8cfa408 100644 (file)
--- a/modules/named/manifests/init.pp
+++ b/modules/named/manifests/init.pp
@@ -1,30 +1,37 @@
 class named {
-        include munin-node::bind
+    activate_munin_check {
+        "bind":;
+    }
 
-        package {
-                bind9: ensure => installed;
-        }
+    package {
+        bind9: ensure => installed;
+    }
 
-        exec {
-                "bind9 restart":
-                        path        => "/etc/init.d:/usr/bin:/usr/sbin:/bin:/sbin",
-                        refreshonly => true,
-                        ;
-        }
-        exec {
-                "bind9 reload":
-                        path        => "/etc/init.d:/usr/bin:/usr/sbin:/bin:/sbin",
-                        refreshonly => true,
-                        ;
-        }
-        file {
-                "/var/log/bind9":
-                        ensure  => directory,
-                        owner   => bind,
-                        group   => bind,
-                        mode    => 775,
-                        ;
-        }
+    exec {
+        "bind9 restart":
+            path        => "/etc/init.d:/usr/bin:/usr/sbin:/bin:/sbin",
+            refreshonly => true,
+            ;
+        "bind9 reload":
+            path        => "/etc/init.d:/usr/bin:/usr/sbin:/bin:/sbin",
+            refreshonly => true,
+            ;
+    }
+    file {
+        "/var/log/bind9":
+            ensure  => directory,
+            owner   => bind,
+            group   => bind,
+            mode    => 775,
+            ;
+    }
+    @ferm::rule { "dsa-bind":
+        domain          => "(ip ip6)",
+        description     => "Allow nameserver access",
+        rule            => "&TCP_UDP_SERVICE(53)"
+    }
 }
 
-# vim: set fdm=marker ts=8 sw=8 et:
+# vim:set et:
+# vim:set sts=4 ts=4:
+# vim:set shiftwidth=4: