rule => '&TCP_UDP_SERVICE_RANGE(53, ( $HOST_DNS_GEO $HOST_NAGIOS $HOST_RCODE0 $HOST_EASYDNS $HOST_NETNOD ) )',
}
- file { '/etc/bind/named.conf.debian-zones':
- content => template('named/named.conf.debian-zones.erb'),
- notify => Service['bind9'],
- }
-
concat::fragment { 'dsa-named-conf-puppet-misc---local-shared-keys':
target => '/etc/bind/named.conf.puppet-misc',
order => '020',
content => template('named/named.conf.external-secondaries-ACLs.erb'),
}
+ concat::fragment { 'dsa-named-conf-puppet-misc---openpgpkey-zone':
+ target => '/etc/bind/named.conf.puppet-misc',
+ order => '020',
+ content => @("EOF"/$)
+ // MAINTAIN-KEY: _openpgpkey.debian.org
+
+ zone "_openpgpkey.debian.org" {
+ type slave;
+ file "db._openpgpkey.debian.org";
+ allow-query { any; };
+ masters {
+ ${ join(getfromhash($site::allnodeinfo, 'kaufmann.debian.org', 'ipHostNumber'), ";") } ;
+ };
+ allow-transfer {
+ 127.0.0.1;
+ rcode0-ACL;
+ dnsnode-ACL;
+ dnsnodeapi-ACL;
+ };
+ also-notify {
+ };
+ };
+ | EOF
+ }
}