Load named::geodns from roles/manifests/init.pp based on hiera instead of from site...

[mirror/dsa-puppet.git] / modules / roles / manifests / init.pp

diff --git a/modules/roles/manifests/init.pp b/modules/roles/manifests/init.pp
index 22f9af6..51f9be5 100644 (file)
--- a/modules/roles/manifests/init.pp
+++ b/modules/roles/manifests/init.pp
@@ -39,6 +39,10 @@ class roles {
                        notify  => Exec['service apache2 reload'],
                        key => true,
                }
+               @ferm::rule { 'dsa-bugs-abusers':
+                       prio    => "005",
+                       rule    => "saddr (220.243.135/24 220.243.136/24) DROP",
+               }
        }
        if has_role('bugs_master') {
                ssl::service { 'bugs-devel.debian.org': notify  => Exec['service apache2 reload'], key => true, }
@@ -157,6 +161,10 @@ class roles {
                include named::primary
        }
 
+       if has_role('dns_geo') {
+               include named::geodns
+       }
+
        if has_role('weblog_destination') {
                include roles::weblog_destination
        }