projects / mirror / dsa-puppet.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
disallow puppet access from clients for now
[mirror/dsa-puppet.git] / modules / roles / manifests / keyring.pp
diff --git a/modules/roles/manifests/keyring.pp b/modules/roles/manifests/keyring.pp
index 910b666..25ab9d3 100644 (file)
--- a/modules/roles/manifests/keyring.pp
+++ b/modules/roles/manifests/keyring.pp
@@ -14,7 +14,7 @@ class roles::keyring {
 
        $notify_address_bind = join(getfromhash($site::allnodeinfo, 'denis.debian.org', 'ipHostNumber'), "; ")
 
-       @ferm::rule { '01-dsa-bind':
+       ferm::rule { '01-dsa-bind':
                domain      => '(ip ip6)',
                description => 'Allow nameserver access',
                rule        => '&TCP_UDP_SERVICE_RANGE(53, ( $HOST_NAGIOS $HOST_DNSPRIMARY ) )',
@@ -24,7 +24,6 @@ class roles::keyring {
                target => '/etc/bind/named.conf.puppet-misc',
                order  => '020',
                content  => @("EOF"),
-                       // MAINTAIN-KEY: _openpgpkey.debian.org
                        zone "_openpgpkey.debian.org" {
                                type master;
                                file "/srv/keyring.debian.org/_openpgpkey.debian.org.zone";
Unnamed repository; edit this file 'description' to name the repository.