Switch geo configuration distribution from push to trigger/pull
authorPeter Palfrader <peter@palfrader.org>
Sat, 26 Jun 2010 08:46:59 +0000 (10:46 +0200)
committerPeter Palfrader <peter@palfrader.org>
Sat, 26 Jun 2010 08:46:59 +0000 (10:46 +0200)
modules/named/files/common/authorized_keys
modules/named/files/common/recvconf [deleted file]
modules/named/files/common/recvconf.files [deleted file]
modules/named/files/common/trigger [new file with mode: 0755]
modules/named/manifests/geodns.pp

index 646c710..9927171 100644 (file)
@@ -2,5 +2,5 @@
 # THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE.
 # USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
 #
-from="82.195.75.106,2001:41b8:202:deb:216:36ff:fe40:3906",command="/etc/bind/geodns/recvconf /etc/bind/geodns/recvconf.files",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA2cJCkmggW6TD0UPJP9lelDno8qbYGXPeYE4+QmkqJv8mslcHxmx5tA2TvpJ9qbAUMPOdZf9ihomwPmFzz9UNZH4eDA8F126UUP5DXsh7FC7yVGSBUNdJdYS7m2wtVs8ddhrVdI+8c39D7NVGGjtUCJCWA/3fE65O183Gm+vER65SYR6LfHlEiC2FBROs6qwnjQ0yw194MnU7Jxl/GsTdZ72ArkmcPjuWsVHWtkSTt0hPfgBOyL4vSfBgl2p2eQBXCEPOaPTa1Yr5qfur1+Cj+iwadEmPfRap6rBO3wfIjbXt/KncM2uFrCXuF1TOqQxrs5LSe8dz16vf9Ckf9Ae5wQ== geodnssync@draghi (20090527)
-from="91.103.132.25,2001:4b10:100b::dead:f00d",command="/etc/bind/geodns/recvconf /etc/bind/geodns/recvconf.files",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEApBLc4ZoGTtXDJ1UhgA7NEPdwqibg5BSXZfKPgfM9wn0mZooAlYzVYwNfe08UmDwrGkSjeNphmzpiDFQA27WGLCgAw8SIjunojWKvJwJcDwx2W4OPLByZaVg/wcEivC2h0+xlRc9jFqKL5cOsTnKBuD4nC7r8qnNcWxyeEEJGP4PVb2zgrGhf8UK3bAqYPuQp0pBFo4EPdorxsgThshEWg9eqB94ph7s+YXoccoWh4NlH2TaO9QdjtsWCId6uhfpcrxjhwKRkqdjofKiOhBB3vqHE+Cpe95nKHZAP5JDgqFH/L+pzyOiRqfTeYh2ivaEBl6m5F7C/QlDBOFrOZkEtXQ== geodnssync key for sgran
+from="82.195.75.106,2001:41b8:202:deb:216:36ff:fe40:3906",command="/etc/bind/geodns/trigger",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA2cJCkmggW6TD0UPJP9lelDno8qbYGXPeYE4+QmkqJv8mslcHxmx5tA2TvpJ9qbAUMPOdZf9ihomwPmFzz9UNZH4eDA8F126UUP5DXsh7FC7yVGSBUNdJdYS7m2wtVs8ddhrVdI+8c39D7NVGGjtUCJCWA/3fE65O183Gm+vER65SYR6LfHlEiC2FBROs6qwnjQ0yw194MnU7Jxl/GsTdZ72ArkmcPjuWsVHWtkSTt0hPfgBOyL4vSfBgl2p2eQBXCEPOaPTa1Yr5qfur1+Cj+iwadEmPfRap6rBO3wfIjbXt/KncM2uFrCXuF1TOqQxrs5LSe8dz16vf9Ckf9Ae5wQ== geodnssync@draghi (20090527)
+#from="91.103.132.25,2001:4b10:100b::dead:f00d",command="/etc/bind/geodns/recvconf /etc/bind/geodns/recvconf.files",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEApBLc4ZoGTtXDJ1UhgA7NEPdwqibg5BSXZfKPgfM9wn0mZooAlYzVYwNfe08UmDwrGkSjeNphmzpiDFQA27WGLCgAw8SIjunojWKvJwJcDwx2W4OPLByZaVg/wcEivC2h0+xlRc9jFqKL5cOsTnKBuD4nC7r8qnNcWxyeEEJGP4PVb2zgrGhf8UK3bAqYPuQp0pBFo4EPdorxsgThshEWg9eqB94ph7s+YXoccoWh4NlH2TaO9QdjtsWCId6uhfpcrxjhwKRkqdjofKiOhBB3vqHE+Cpe95nKHZAP5JDgqFH/L+pzyOiRqfTeYh2ivaEBl6m5F7C/QlDBOFrOZkEtXQ== geodnssync key for sgran
diff --git a/modules/named/files/common/recvconf b/modules/named/files/common/recvconf
deleted file mode 100755 (executable)
index dd9b575..0000000
+++ /dev/null
@@ -1,217 +0,0 @@
-#!/bin/bash
-
-#
-# THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE.
-# USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
-#
-
-set -e
-set -u
-
-## Copyright (c) 2005 David B. Harris <dbharris@eelf.ddts.net>
-## Copyright (c) 2005,2009 Peter Palfrader <peter@palfrader.org>
-
-## This text is released under the "three-clause BSD license".
-## The full text of the license is available at the end of this file.
-
-if [ "$#" != 1 ]; then
-       echo "Usage: $0 <recvconf.files>" >&2
-       exit 1
-fi
-
-FILELIST="$1"
-
-printf "\nrecvconf on %s processing:\n" "$(hostname -s)"
-
-umask 077
-
-temptar="$(mktemp)"
-chmod 0600 "$temptar"
-
-tempscript="$(mktemp)"
-chmod 0600 "$tempscript"
-
-tempdir="$(mktemp -d)"
-
-# Read tarball from STDIN
-gzip -dc > "$temptar"
-
-cd "$tempdir"
-tar xf "$temptar"
-
-copy_and_runcommands() {
-
-    local file perms user group precommand postcommand
-    file="$1"; perms="$2"; user="$3"; group="$4"; precommand="$5"; postcommand="$6"
-
-    if [ -f "$file" ]; then
-       if [ -h "$file" ]; then # File should NOT be a symlink
-           printf "\`%s' is a symlink, aborting.\n" "$file" >&2
-           return 1
-       fi
-
-       if ! [ "$file" -nt "/$file" ]; then
-           rm -f "$file"
-           return 0
-       fi
-
-       if [ -n "$precommand" ]; then
-           printf "Running precommand \`%s' for %s\n" "$precommand" "$file" >&2
-           eval -- $precommand >&2
-       fi
-
-       if [ -n "$perms" ]; then
-           chmod -- "$perms" "$file"
-       else
-           printf "Warning, no perms defined for \`%s', assuming 0640.\n" "$file" >&2
-           chmod 0640 "$file"
-       fi
-       if [ -n "$user" ]; then
-           chown -- "$user" "$file"
-       else
-           printf "Warning, no user defined for \`%s', assuming root.\n" "$file" >&2
-           chown root "$file"
-       fi
-       if [ -n "$group" ]; then
-           chgrp -- "$group" "$file"
-       else
-           printf "Warning, no group defined for \`%s', assuming root.\n" "$file" >&2
-           chgrp root "$file"
-       fi
-
-       if [ ! -d "/$(dirname "$file")" ]; then
-           printf "Directory \`%s' does not exist, aborting.\n" "$(dirname "$file")" >&2
-           exit 1
-       fi
-
-       cp -a -- "$file" "/$(dirname "$file")" >&2
-       ls -l "/$(dirname "$file")/$(basename "$file")" >&2
-
-       if [ -n "$postcommand" ]; then
-           if ! grep -F -- "$postcommand" "$tempscript" > /dev/null 2>&1; then
-               printf "%s\n" "$postcommand" >> "$tempscript"
-           fi
-       fi
-
-       rm -f -- "$file"
-    fi
-}
-
-IN=0
-linenum=0
-file=""
-nextfile=""
-
-clear_vars() {
-       perms=""; user=""; group=""; precommand=""; postcommand=""
-}
-clear_vars
-
-while read line; do
-    linenum="$(($linenum + 1))"
-
-    if printf "%s\n" "$line" | grep -E '^[[:space:]]*$' > /dev/null 2>&1; then
-       ## This line is an empty line; skip it
-       continue
-    elif printf "%s" "$line" | grep -E '^[[:space:]]*#' > /dev/null 2>&1; then
-       ## This line is a comment; skip it
-       continue
-    fi
-
-    ## IN=0, so we're out of a stanza: better get a file declaration next
-    if [ "$IN" = "0" ] && ! printf "%s" "$line" | grep -E '^[[:space:]]*file[[:space:]]' > /dev/null 2>&1; then
-       printf "Error on line %s, file declaration expected. Got\n\t%s\n" "$linenum" "$line" >&2
-       exit 1
-    elif [ "$IN" = 0 ] && printf "%s" "$line" | grep -E '^[[:space:]]*file[[:space:]]' > /dev/null 2>&1; then
-       ## Okay, we're just starting out; set $file and move on
-       file="$(printf "%s" "$line" | sed -e 's/[[:space:]]*file[[:space:]]\+\([^[:space:]#]*\).*/\1/')"
-       IN=1
-       continue
-    elif [ "$IN" = 1 ] && printf "%s" "$line" | grep -E '^[[:space:]]*file[[:space:]]' > /dev/null 2>&1; then
-       ## Okay, not only are we at a file declaration, but this isn't our first one. Run the commands to process
-       ## the file, then set a $file to the new value and continue parsing.
-       [ -n "$file" ] && copy_and_runcommands "$file" "$perms" "$user" "$group" "$precommand" "$postcommand"
-       file="$(printf "%s" "$line" | sed -e 's/[[:space:]]*file[[:space:]]\+\([^[:space:]#]*\).*/\1/')"
-       clear_vars
-       continue
-    fi
-
-    ## The last two if blocks weren't processed; thus this isn't a comment, a blank line, and we're in the middle of a stanza
-    if printf "%s" "$line" | grep -E '^[[:space:]]*perms[[:space:]]' > /dev/null 2>&1; then
-       perms="$(printf "%s" "$line" | sed -e 's/[[:space:]]*perms[[:space:]]\+\([^[:space:]#]*\).*/\1/')"
-       continue
-    elif printf "%s" "$line" | grep -E '^[[:space:]]*user[[:space:]]' > /dev/null 2>&1; then
-       user="$(printf "%s" "$line" | sed -e 's/[[:space:]]*user[[:space:]]\+\([^[:space:]#]*\).*/\1/')"
-       continue
-    elif printf "%s" "$line" | grep -E '^[[:space:]]*group[[:space:]]' > /dev/null 2>&1; then
-       group="$(printf "%s" "$line" | sed -e 's/[[:space:]]*group[[:space:]]\+\([^[:space:]#]*\).*/\1/')"
-       continue
-    elif printf "%s" "$line" | grep -E '^[[:space:]]*precommand[[:space:]]' > /dev/null 2>&1; then
-       precommand="$(printf "%s" "$line" | sed -e 's/[[:space:]]*precommand[[:space:]]\+\([^[:space:]#]*\)/\1/')"
-       continue
-    elif printf "%s" "$line" | grep -E '^[[:space:]]*postcommand[[:space:]]' > /dev/null 2>&1; then
-       postcommand="$(printf "%s" "$line" | sed -e 's/[[:space:]]*postcommand[[:space:]]\+\([^[:space:]#]*\)/\1/')"
-       continue
-    else
-       printf "Unknown token at line %s:\n\t%s\n" "$linenum" "$line"
-    fi
-
-done < "$FILELIST"
-
-## This is the last stanza and the above loop has set the variables, but hasn't yet processed the file
-[ -n "$file" ] && copy_and_runcommands "$file" "$perms" "$user" "$group" "$precommand" "$postcommand"
-
-if [ -s "$tempscript" ]; then
-    tempoutput="$(mktemp)"
-    ## Post-copying commands to be run, run them here. Only display output if they exit with $? > 0
-    while read command; do
-       printf "Running postcommand \`%s' on %s.\n" "$command" "$(hostname -s)" >&2
-       if ! eval -- "(cd / && env -i $command)" > "$tempoutput" 2>&1; then
-           printf "Error, postcommand \`%s' on %s failed. Output follows:\n" "$command" "$(hostname -s)" >&2
-           cat -- "$tempoutput" >&2
-           exit 1
-       fi
-    done < "$tempscript"
-    rm -f -- "$tempoutput"
-fi
-
-# Check for any leftover files here; if there are any, exit with an error and print the list
-if [ ! -z "$(find . -type f)" ]; then
-    printf "The following files were not listed in $FILELIST:\n%s\n" "$(find . -type f)" >&2
-    exit 1
-fi
-
-rm -f -- "$temptar"
-rm -f -- "$tempscript"
-cd
-rm -rf -- "$tempdir"
-
-printf "recvconf on %s finished.\n" "$(hostname -s)"
-
-## Redistribution and use in source and binary forms, with or without
-## modification, are permitted provided that the following conditions are
-## met:
-## 
-##     * Redistributions of source code must retain the above copyright
-## notice, this list of conditions and the following disclaimer.
-## 
-##     * Redistributions in binary form must reproduce the above
-## copyright notice, this list of conditions and the following disclaimer
-## in the documentation and/or other materials provided with the
-## distribution.
-## 
-##     * Neither the names of the copyright owners nor the names of its
-## contributors may be used to endorse or promote products derived from
-## this software without specific prior written permission.
-## 
-## THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-## "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-## LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-## A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-## OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-## SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-## LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-## DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-## THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-## (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-## OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --git a/modules/named/files/common/recvconf.files b/modules/named/files/common/recvconf.files
deleted file mode 100644 (file)
index 72842fd..0000000
+++ /dev/null
@@ -1,383 +0,0 @@
-# This file was created by dsa-geodomains/zonebuilder --create-recvconf-conf
-# and is distributed to hosts using puppet as
-# dsa-puppet/modules/geodns/files/common/recvconf.files
-# you probably do not want to edit it manually wherever you find it
-
-file etc/bind/geodns/db.bugs.debian.org.AN
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail bugs.debian.org etc/bind/geodns/db.bugs.debian.org.AN
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.bugs.debian.org.SA
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail bugs.debian.org etc/bind/geodns/db.bugs.debian.org.SA
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.bugs.debian.org.OC
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail bugs.debian.org etc/bind/geodns/db.bugs.debian.org.OC
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.bugs.debian.org.AS
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail bugs.debian.org etc/bind/geodns/db.bugs.debian.org.AS
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.bugs.debian.org.undef
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail bugs.debian.org etc/bind/geodns/db.bugs.debian.org.undef
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.bugs.debian.org.AF
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail bugs.debian.org etc/bind/geodns/db.bugs.debian.org.AF
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.bugs.debian.org
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail bugs.debian.org etc/bind/geodns/db.bugs.debian.org
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.bugs.debian.org.EU
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail bugs.debian.org etc/bind/geodns/db.bugs.debian.org.EU
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.bugs.debian.org.NA
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail bugs.debian.org etc/bind/geodns/db.bugs.debian.org.NA
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.ftp.debian.org.AN
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail ftp.debian.org etc/bind/geodns/db.ftp.debian.org.AN
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.ftp.debian.org.SA
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail ftp.debian.org etc/bind/geodns/db.ftp.debian.org.SA
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.ftp.debian.org.OC
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail ftp.debian.org etc/bind/geodns/db.ftp.debian.org.OC
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.ftp.debian.org.AS
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail ftp.debian.org etc/bind/geodns/db.ftp.debian.org.AS
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.ftp.debian.org.undef
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail ftp.debian.org etc/bind/geodns/db.ftp.debian.org.undef
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.ftp.debian.org.AF
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail ftp.debian.org etc/bind/geodns/db.ftp.debian.org.AF
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.ftp.debian.org
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail ftp.debian.org etc/bind/geodns/db.ftp.debian.org
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.ftp.debian.org.EU
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail ftp.debian.org etc/bind/geodns/db.ftp.debian.org.EU
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.ftp.debian.org.NA
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail ftp.debian.org etc/bind/geodns/db.ftp.debian.org.NA
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.packages.debian.org.AN
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail packages.debian.org etc/bind/geodns/db.packages.debian.org.AN
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.packages.debian.org.SA
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail packages.debian.org etc/bind/geodns/db.packages.debian.org.SA
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.packages.debian.org.OC
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail packages.debian.org etc/bind/geodns/db.packages.debian.org.OC
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.packages.debian.org.AS
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail packages.debian.org etc/bind/geodns/db.packages.debian.org.AS
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.packages.debian.org.undef
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail packages.debian.org etc/bind/geodns/db.packages.debian.org.undef
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.packages.debian.org.AF
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail packages.debian.org etc/bind/geodns/db.packages.debian.org.AF
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.packages.debian.org
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail packages.debian.org etc/bind/geodns/db.packages.debian.org
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.packages.debian.org.EU
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail packages.debian.org etc/bind/geodns/db.packages.debian.org.EU
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.packages.debian.org.NA
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail packages.debian.org etc/bind/geodns/db.packages.debian.org.NA
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.security.debian.org.AN
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail security.debian.org etc/bind/geodns/db.security.debian.org.AN
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.security.debian.org.SA
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail security.debian.org etc/bind/geodns/db.security.debian.org.SA
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.security.debian.org.OC
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail security.debian.org etc/bind/geodns/db.security.debian.org.OC
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.security.debian.org.AS
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail security.debian.org etc/bind/geodns/db.security.debian.org.AS
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.security.debian.org.undef
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail security.debian.org etc/bind/geodns/db.security.debian.org.undef
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.security.debian.org.AF
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail security.debian.org etc/bind/geodns/db.security.debian.org.AF
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.security.debian.org
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail security.debian.org etc/bind/geodns/db.security.debian.org
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.security.debian.org.EU
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail security.debian.org etc/bind/geodns/db.security.debian.org.EU
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.security.debian.org.NA
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail security.debian.org etc/bind/geodns/db.security.debian.org.NA
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.snapshot.debian.org.AN
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail snapshot.debian.org etc/bind/geodns/db.snapshot.debian.org.AN
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.snapshot.debian.org.SA
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail snapshot.debian.org etc/bind/geodns/db.snapshot.debian.org.SA
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.snapshot.debian.org.OC
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail snapshot.debian.org etc/bind/geodns/db.snapshot.debian.org.OC
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.snapshot.debian.org.AS
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail snapshot.debian.org etc/bind/geodns/db.snapshot.debian.org.AS
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.snapshot.debian.org.undef
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail snapshot.debian.org etc/bind/geodns/db.snapshot.debian.org.undef
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.snapshot.debian.org.AF
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail snapshot.debian.org etc/bind/geodns/db.snapshot.debian.org.AF
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.snapshot.debian.org
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail snapshot.debian.org etc/bind/geodns/db.snapshot.debian.org
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.snapshot.debian.org.EU
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail snapshot.debian.org etc/bind/geodns/db.snapshot.debian.org.EU
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.snapshot.debian.org.NA
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail snapshot.debian.org etc/bind/geodns/db.snapshot.debian.org.NA
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.volatile.debian.org.AN
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail volatile.debian.org etc/bind/geodns/db.volatile.debian.org.AN
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.volatile.debian.org.SA
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail volatile.debian.org etc/bind/geodns/db.volatile.debian.org.SA
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.volatile.debian.org.OC
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail volatile.debian.org etc/bind/geodns/db.volatile.debian.org.OC
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.volatile.debian.org.AS
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail volatile.debian.org etc/bind/geodns/db.volatile.debian.org.AS
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.volatile.debian.org.undef
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail volatile.debian.org etc/bind/geodns/db.volatile.debian.org.undef
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.volatile.debian.org.AF
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail volatile.debian.org etc/bind/geodns/db.volatile.debian.org.AF
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.volatile.debian.org
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail volatile.debian.org etc/bind/geodns/db.volatile.debian.org
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.volatile.debian.org.EU
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail volatile.debian.org etc/bind/geodns/db.volatile.debian.org.EU
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.volatile.debian.org.NA
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail volatile.debian.org etc/bind/geodns/db.volatile.debian.org.NA
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.www.debian.org.AN
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail www.debian.org etc/bind/geodns/db.www.debian.org.AN
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.www.debian.org.SA
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail www.debian.org etc/bind/geodns/db.www.debian.org.SA
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.www.debian.org.OC
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail www.debian.org etc/bind/geodns/db.www.debian.org.OC
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.www.debian.org.AS
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail www.debian.org etc/bind/geodns/db.www.debian.org.AS
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.www.debian.org.undef
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail www.debian.org etc/bind/geodns/db.www.debian.org.undef
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.www.debian.org.AF
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail www.debian.org etc/bind/geodns/db.www.debian.org.AF
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.www.debian.org
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail www.debian.org etc/bind/geodns/db.www.debian.org
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.www.debian.org.EU
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail www.debian.org etc/bind/geodns/db.www.debian.org.EU
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.www.debian.org.NA
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail www.debian.org etc/bind/geodns/db.www.debian.org.NA
-    postcommand sudo /etc/init.d/bind9 reload
diff --git a/modules/named/files/common/trigger b/modules/named/files/common/trigger
new file mode 100755 (executable)
index 0000000..1f779f0
--- /dev/null
@@ -0,0 +1,3 @@
+#!/bin/sh
+rsync -az --delete draghi.debian.org:zonefiles/ /etc/bind/geodns/zonefiles/
+sudo /etc/init.d/bind9 reload
index 09c1066..3a41b94 100644 (file)
@@ -30,8 +30,8 @@ class named::geodns inherits named {
         "/etc/bind/geodns":
             ensure  => directory,
             owner   => root,
-            group   => geodnssync,
-            mode    => 775,
+            group   => root,
+            mode    => 755,
             ;
         "/etc/bind/geodns/zonefiles":
             ensure  => directory,
@@ -47,20 +47,13 @@ class named::geodns inherits named {
             owner   => root,
             group   => root,
             ;
-        "/etc/bind/geodns/recvconf":
-            source  => [ "puppet:///named/per-host/$fqdn/recvconf",
-                         "puppet:///named/common/recvconf" ],
+        "/etc/bind/geodns/trigger":
+            source  => [ "puppet:///named/per-host/$fqdn/trigger",
+                         "puppet:///named/common/trigger" ],
             owner   => root,
             group   => root,
             mode    => 555,
             ;
-        "/etc/bind/geodns/recvconf.files":
-            source  => [ "puppet:///named/per-host/$fqdn/recvconf.files",
-                         "puppet:///named/common/recvconf.files" ],
-            owner   => root,
-            group   => root,
-            mode    => 444,
-            ;
         "/etc/ssh/userkeys/geodnssync":
             source  => [ "puppet:///named/per-host/$fqdn/authorized_keys",
                          "puppet:///named/common/authorized_keys" ],