projects
/
mirror
/
dsa-puppet.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
f50f9cb
)
powell is dead. long live powell
author
Peter Palfrader
<peter@palfrader.org>
Tue, 16 Apr 2013 22:46:56 +0000
(
00:46
+0200)
committer
Peter Palfrader
<peter@palfrader.org>
Tue, 16 Apr 2013 22:46:56 +0000
(
00:46
+0200)
modules/apache2/manifests/init.pp
patch
|
blob
|
history
modules/debian-org/misc/local.yaml
patch
|
blob
|
history
modules/exim/templates/virtualdomains.erb
patch
|
blob
|
history
modules/ferm/manifests/per-host.pp
patch
|
blob
|
history
modules/nagios/templates/obsolete-packages-ignore.d-hostspecific.erb
patch
|
blob
|
history
modules/named/templates/named.conf.debian-zones.erb
patch
|
blob
|
history
modules/sudo/files/sudoers
patch
|
blob
|
history
diff --git
a/modules/apache2/manifests/init.pp
b/modules/apache2/manifests/init.pp
index
1f232b9
..
3533856
100644
(file)
--- a/
modules/apache2/manifests/init.pp
+++ b/
modules/apache2/manifests/init.pp
@@
-81,7
+81,7
@@
class apache2 {
}
}
}
}
- if $::hostname in [busoni,holter,lindberg,master,
powell,
beach,buxtehude] {
+ if $::hostname in [busoni,holter,lindberg,master,beach,buxtehude] {
include apache2::dynamic
} else {
@ferm::rule { 'dsa-http':
include apache2::dynamic
} else {
@ferm::rule { 'dsa-http':
diff --git
a/modules/debian-org/misc/local.yaml
b/modules/debian-org/misc/local.yaml
index
eca934c
..
dbdf6bb
100644
(file)
--- a/
modules/debian-org/misc/local.yaml
+++ b/
modules/debian-org/misc/local.yaml
@@
-177,7
+177,7
@@
services:
nagiosmaster: tchaikovsky.debian.org
extranrpeclient:
- orff.debian.org
nagiosmaster: tchaikovsky.debian.org
extranrpeclient:
- orff.debian.org
- packagesmaster: powell.debian.org
+
#
packagesmaster: powell.debian.org
packagesqamaster: quantz.debian.org
puppetmaster: handel.debian.org
rtmaster:
packagesqamaster: quantz.debian.org
puppetmaster: handel.debian.org
rtmaster:
@@
-206,7
+206,6
@@
host_settings:
- muffat.debian.org
- nono.debian.org
- popov.debian.org
- muffat.debian.org
- nono.debian.org
- popov.debian.org
- - powell.debian.org
- quantz.debian.org
- ravel.debian.org
- reger.debian.org
- quantz.debian.org
- ravel.debian.org
- reger.debian.org
diff --git
a/modules/exim/templates/virtualdomains.erb
b/modules/exim/templates/virtualdomains.erb
index
94a0907
..
8a5bd1f
100644
(file)
--- a/
modules/exim/templates/virtualdomains.erb
+++ b/
modules/exim/templates/virtualdomains.erb
@@
-49,8
+49,6
@@
debian.eu: user=nobody group=Debian directory=/srv/star.debian.star/"
when "popov.debian.org" then "popcon.debian.org: user=popcon group=popcon directory=/srv/popcon.debian.org/mail/"
when "popov.debian.org" then "popcon.debian.org: user=popcon group=popcon directory=/srv/popcon.debian.org/mail/"
- when "powell.debian.org" then "packages.debian.org: user=pkg_user group=Debian directory=/org/packages.debian.org/mail/"
-
when "quantz.debian.org" then "qa.debian.org: user=qa group=qa directory=/srv/qa.debian.org/mail/
packages.qa.debian.org: user=qa group=qa directory=/srv/packages.qa.debian.org/mail"
when "quantz.debian.org" then "qa.debian.org: user=qa group=qa directory=/srv/qa.debian.org/mail/
packages.qa.debian.org: user=qa group=qa directory=/srv/packages.qa.debian.org/mail"
diff --git
a/modules/ferm/manifests/per-host.pp
b/modules/ferm/manifests/per-host.pp
index
575050f
..
5aee5de
100644
(file)
--- a/
modules/ferm/manifests/per-host.pp
+++ b/
modules/ferm/manifests/per-host.pp
@@
-3,7
+3,7
@@
class ferm::per-host {
include ferm::zivit
}
include ferm::zivit
}
- if $::hostname in [glinka,klecker,merikanto,
powell,
ravel,rietz,senfl,sibelius,stabile] {
+ if $::hostname in [glinka,klecker,merikanto,ravel,rietz,senfl,sibelius,stabile] {
ferm::rule { 'dsa-rsync':
domain => '(ip ip6)',
description => 'Allow rsync access',
ferm::rule { 'dsa-rsync':
domain => '(ip ip6)',
description => 'Allow rsync access',
@@
-88,17
+88,6
@@
class ferm::per-host {
rule => '&SERVICE(udp, 69)'
}
}
rule => '&SERVICE(udp, 69)'
}
}
- powell: {
- @ferm::rule { 'dsa-powell-v6-tunnel':
- description => 'Allow powell to use V6 tunnel broker',
- rule => 'proto ipv6 saddr 212.227.117.6 jump ACCEPT'
- }
- @ferm::rule { 'dsa-powell-btseed':
- domain => '(ip ip6)',
- description => 'Allow powell to seed BT',
- rule => 'proto tcp dport 8000:8100 jump ACCEPT'
- }
- }
lotti,lully: {
@ferm::rule { 'dsa-syslog':
description => 'Allow syslog access',
lotti,lully: {
@ferm::rule { 'dsa-syslog':
description => 'Allow syslog access',
diff --git
a/modules/nagios/templates/obsolete-packages-ignore.d-hostspecific.erb
b/modules/nagios/templates/obsolete-packages-ignore.d-hostspecific.erb
index
201d0b2
..
f5f454a
100644
(file)
--- a/
modules/nagios/templates/obsolete-packages-ignore.d-hostspecific.erb
+++ b/
modules/nagios/templates/obsolete-packages-ignore.d-hostspecific.erb
@@
-14,7
+14,6
@@
when /(zandonai|zelenka).debian.org/: ignore << %w{samhain zabbix-agent rrdcol
when /(zappa|zemlinsky).debian.org/: ignore << %w{samhain}
when /(mayer|corelli).debian.org/: ignore << "linux-base"
when /(alkman|caballero|merulo|mundy).debian.org/: ignore << "samhain"
when /(zappa|zemlinsky).debian.org/: ignore << %w{samhain}
when /(mayer|corelli).debian.org/: ignore << "linux-base"
when /(alkman|caballero|merulo|mundy).debian.org/: ignore << "samhain"
-when "powell.debian.org": ignore << %w{e2fslibs e2fsprogs libblkid1 libcomerr2 libss2 libuuid1 uuid-runtime}
when "rossini.debian.org": ignore << %w{ganeti2}
when "franck.debian.org": ignore << %w{python-apt}
when /(abel|arnold|alain|alwyn|antheil|arne).debian.org/: ignore << %w{flash-kernel linux-firmware-image}
when "rossini.debian.org": ignore << %w{ganeti2}
when "franck.debian.org": ignore << %w{python-apt}
when /(abel|arnold|alain|alwyn|antheil|arne).debian.org/: ignore << %w{flash-kernel linux-firmware-image}
diff --git
a/modules/named/templates/named.conf.debian-zones.erb
b/modules/named/templates/named.conf.debian-zones.erb
index
353e430
..
ad48f2c
100644
(file)
--- a/
modules/named/templates/named.conf.debian-zones.erb
+++ b/
modules/named/templates/named.conf.debian-zones.erb
@@
-26,9
+26,6
@@
zones << "2.0.0.0.2.0.0.0.8.5.8.0.1.0.0.2.ip6.arpa"
zones << "192-27.211.177.194.in-addr.arpa"
zones << "b.e.d.0.c.f.f.2.8.4.6.0.1.0.0.2.ip6.arpa"
zones << "192-27.211.177.194.in-addr.arpa"
zones << "b.e.d.0.c.f.f.2.8.4.6.0.1.0.0.2.ip6.arpa"
-# ipv6 at 1&1 - powell: 2001:08d8:0081:1520::/60
-zones << "2.5.1.1.8.0.0.8.d.8.0.1.0.0.2.ip6.arpa"
-
# ipv6 at 1&1 - wieck and schumann - old range April 2011
zones << "2.6.a.0.4.6.5.6.1.0.0.0.2.0.0.0.8.d.8.0.1.0.0.2.ip6.arpa"
# ipv6 at 1&1 - wieck and schumann - old range April 2011
zones << "2.6.a.0.4.6.5.6.1.0.0.0.2.0.0.0.8.d.8.0.1.0.0.2.ip6.arpa"
diff --git
a/modules/sudo/files/sudoers
b/modules/sudo/files/sudoers
index
e5c6c6c
..
a5e2200
100644
(file)
--- a/
modules/sudo/files/sudoers
+++ b/
modules/sudo/files/sudoers
@@
-62,7
+62,7
@@
nagios ALL=(ALL) NOPASSWD: /usr/sbin/hpacucli controller slot=[0129] show statu
nagios franck=(ALL) NOPASSWD: /usr/sbin/hpacucli controller slot=1 enclosure 1E\:1 show detail
# other raid controllers
nagios franck=(ALL) NOPASSWD: /usr/sbin/hpacucli controller slot=1 enclosure 1E\:1 show detail
# other raid controllers
-
nagios
powell=(ALL) NOPASSWD: /usr/local/sbin/areca-cli vsf info
+
#nagios
powell=(ALL) NOPASSWD: /usr/local/sbin/areca-cli vsf info
nagios puccini=(ALL) NOPASSWD: /usr/local/bin/tw_cli info c0 u0 status
nagios MPTRAIDHOSTS=(ALL) NOPASSWD: /usr/sbin/mpt-status -s
nagios AACRAIDHOSTS=(ALL) NOPASSWD: /usr/local/bin/arcconf GETCONFIG 1 LD, /usr/local/bin/arcconf GETCONFIG 1 AD
nagios puccini=(ALL) NOPASSWD: /usr/local/bin/tw_cli info c0 u0 status
nagios MPTRAIDHOSTS=(ALL) NOPASSWD: /usr/sbin/mpt-status -s
nagios AACRAIDHOSTS=(ALL) NOPASSWD: /usr/local/bin/arcconf GETCONFIG 1 LD, /usr/local/bin/arcconf GETCONFIG 1 AD
@@
-134,7
+134,7
@@
buildd ALL=(ALL) NOPASSWD: ALL
# The piuparts slave needs to handle chroots
piupartss piatti=(ALL) NOPASSWD: ALL
# trigger of mirror run for packages
# The piuparts slave needs to handle chroots
piupartss piatti=(ALL) NOPASSWD: ALL
# trigger of mirror run for packages
-
pkg_user
powell=(archvsync) NOPASSWD: /home/archvsync/bin/pushpdo
+
#pkg_user
powell=(archvsync) NOPASSWD: /home/archvsync/bin/pushpdo
# on draghi, the domains git thing will run bind9 reload afterwards
%dnsadm draghi,orff=(root) NOPASSWD: /etc/init.d/bind9 reload
%dnsadm draghi,orff=(geodnssync) NOPASSWD: /usr/bin/make -C /srv/dns.debian.org/geo
# on draghi, the domains git thing will run bind9 reload afterwards
%dnsadm draghi,orff=(root) NOPASSWD: /etc/init.d/bind9 reload
%dnsadm draghi,orff=(geodnssync) NOPASSWD: /usr/bin/make -C /srv/dns.debian.org/geo