X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Froles%2Fmanifests%2Fdns_primary.pp;h=3e9c5bf40d7791d7293fcbbc62572ba648a9c532;hb=992b52bab4325e38d1738e21652d052ae4cc90e5;hp=0038e6378758d84c1df6d9971f603075377d2429;hpb=ba2f98bdaf1fd7299992c91a64d59a22f2d89621;p=mirror%2Fdsa-puppet.git

diff --git a/modules/roles/manifests/dns_primary.pp b/modules/roles/manifests/dns_primary.pp
index 0038e6378..3e9c5bf40 100644
--- a/modules/roles/manifests/dns_primary.pp
+++ b/modules/roles/manifests/dns_primary.pp
@@ -10,5 +10,24 @@ class roles::dns_primary {
     target_user => 'letsencrypt',
     collect_tag => 'dns_primary',
   }
+  ssh::authorized_key_collect { 'dns_primary-geodnssync':
+    target_user => 'geodnssync',
+    collect_tag => 'dns_primary',
+  }
+
   ssh::keygen {'dnsadm': }
+  ssh::authorized_key_add { 'dns_primary::geodns':
+    target_user => 'geodnssync',
+    command     => '/etc/bind/geodns/trigger',
+    key         => $facts['dnsadm_key'],
+    collect_tag => 'geodnssync-node',
+  }
+
+  ssh::keygen {'letsencrypt': }
+  ssh::authorized_key_add { 'dns_primary::puppetmaster::letsencrypt-certificates':
+    target_user => 'puppet',
+    command     => 'rsync --server -vlogDtprze.iLsfx --delete --partial . /srv/puppet.debian.org/from-letsencrypt',
+    key         => $facts['letsencrypt_key'],
+    collect_tag => 'puppetmaster',
+  }
 }