store ssh auth key snippets for buildd wb and upload access, but do not collect just yet

[mirror/dsa-puppet.git] / modules / named / manifests / primary.pp

diff --git a/modules/named/manifests/primary.pp b/modules/named/manifests/primary.pp
index 800c536..f256814 100644 (file)
--- a/modules/named/manifests/primary.pp
+++ b/modules/named/manifests/primary.pp
@@ -1,7 +1,7 @@
 class named::primary inherits named::authoritative {
        include dnsextras::entries
 
-       @ferm::rule { '01-dsa-bind-4':
+       ferm::rule { '01-dsa-bind-4':
                domain      => '(ip ip6)',
                description => 'Allow nameserver access',
                rule        => '&TCP_UDP_SERVICE_RANGE(53, ( $HOST_DNS_GEO $HOST_NAGIOS $HOST_RCODE0 $HOST_EASYDNS $HOST_NETNOD ) )',
@@ -40,6 +40,9 @@ class named::primary inherits named::authoritative {
                                        dnsnodeapi-ACL;
                                };
                                also-notify {
+                                       rcode0-masters;
+                                       dnsnode-masters;
+                                       dnsnodeapi-masters;
                                };
 
                                key-directory "/srv/dns.debian.org/var/keys/_openpgpkey.debian.org";