Merge branch 'master' of ssh://puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet

diff --git a/modules/debian-org/misc/local.yaml b/modules/debian-org/misc/local.yaml
index b964c89..6e79efc 100644 (file)
--- a/modules/debian-org/misc/local.yaml
+++ b/modules/debian-org/misc/local.yaml
@@ -231,6 +231,7 @@ host_settings:
     - ball.debian.org
     - barber.debian.org
     - beethoven.debian.org
+    - bellini.debian.org
     - biber.debian.org
     - brahms.debian.org
     - busoni.debian.org
@@ -240,6 +241,7 @@ host_settings:
     - danzi.debian.org
     - diamond.debian.org
     - dijkstra.debian.org
+    - draghi.debian.org
     - duarte.debian.org
     - englund.debian.org
     - fano.debian.org
@@ -272,6 +274,7 @@ host_settings:
     - murphy.debian.org
     - nono.debian.org
     - orff.debian.org
+    - paganini.debian.org
     - pescetti.debian.org
     - pergolesi.debian.org
     - pettersson.debian.org

diff --git a/modules/exim/files/common/blacklist b/modules/exim/files/common/blacklist
index b52c44a..1683472 100644 (file)
--- a/modules/exim/files/common/blacklist
+++ b/modules/exim/files/common/blacklist
@@ -7,3 +7,4 @@ wlrlzy@atmb.cn
 mailadmin@o2online.de
 *@piekmarketing.eu
 stephetdadou@free.fr
+adwordsguru1@yahoo.co.uk

diff --git a/modules/named/files/common/named.conf.debian-zones b/modules/named/files/common/named.conf.debian-zones
index 074d6dc..87cc9d4 100644 (file)
--- a/modules/named/files/common/named.conf.debian-zones
+++ b/modules/named/files/common/named.conf.debian-zones
@@ -250,6 +250,21 @@ zone "1.0.0.0.5.0.0.0.8.7.a.0.1.0.0.2.ip6.arpa" {
        allow-transfer { };
 };
 
+// 0.0.0.4.6.0.2.0.0.3.6.0.1.0.0.2.ip6.arpa - reverse for 2001:630:206:4000::/64 (sanger)
+zone "0.0.0.4.6.0.2.0.0.3.6.0.1.0.0.2.ip6.arpa" {
+       type slave;
+       notify no;
+       file "db.2001:0630:0206:4000";
+       masters {
+               194.177.211.209; // orff
+               2001:648:2ffc:deb:213:72ff:fe69:e188; // orff
+               82.195.75.106; // draghi (backup master - requires manual reconfiguration on draghi)
+               2001:41b8:202:deb:216:36ff:fe40:3906; // draghi (see above
+       };
+       allow-query { any; };
+       allow-transfer { };
+};
+
 
 zone "alioth.debian.org" {
        type slave;

diff --git a/modules/named/templates/named.conf.options.erb b/modules/named/templates/named.conf.options.erb
index 7b31d18..e093aa4 100644 (file)
--- a/modules/named/templates/named.conf.options.erb
+++ b/modules/named/templates/named.conf.options.erb
@@ -20,11 +20,11 @@ options {
        directory "/var/cache/bind";
 
        auth-nxdomain no;    # conform to RFC1035
-<% if classes.include?("named::geodns") or %w{diamond orff senfl ravel}.include?(hostname) -%>
+<% if classes.include?("named::recursor") -%>
+       listen-on-v6 { any; };
+<% else -%>
        listen-on { ! 127.0.0.1; any; };
        listen-on-v6 { ! ::1; any; };
-<% else -%>
-       listen-on-v6 { any; };
 <% end -%>
 
        allow-transfer { none; };
@@ -35,7 +35,7 @@ options {
 
 <%=
   allowed='Nagios; '
-  if (classes.include?('named::authoritative') and not %w{diamond orff senfl ravel}.include?(hostname)) or classes.include?('named::recursor')
+  if classes.include?('named::recursor')
     allowed += 'localnets; '
   end
 

diff --git a/modules/portforwarder/misc/config.yaml b/modules/portforwarder/misc/config.yaml
index 13c3310..7014802 100644 (file)
--- a/modules/portforwarder/misc/config.yaml
+++ b/modules/portforwarder/misc/config.yaml
@@ -51,6 +51,7 @@ stabile.debian.org:
   - source_bind_port: 15433
     target_host: sibelius.debian.org
     target_port: 5433
+    ssh_options: -oAddressFamily=inet
 
 franck.debian.org:
   - source_bind_port: 5443

diff --git a/modules/portforwarder/templates/xinetd.erb b/modules/portforwarder/templates/xinetd.erb
index c220935..7ff0dfb 100644 (file)
--- a/modules/portforwarder/templates/xinetd.erb
+++ b/modules/portforwarder/templates/xinetd.erb
@@ -19,7 +19,7 @@ template = 'service @@TARGET_HOST@@@@TARGET_PORT@@
         group           = portforwarder
         instances       = 10
         server          = /usr/bin/ssh
-        server_args     = -o PreferredAuthentications=publickey -o EscapeChar=none -o BatchMode=yes -C @@TARGET_HOST@@ forward-to @@TARGET_PORT@@
+        server_args     = -o PreferredAuthentications=publickey -o EscapeChar=none -o BatchMode=yes -C @@SSH_OPTIONS@@ @@TARGET_HOST@@ forward-to @@TARGET_PORT@@
         cps             = 0 0
 }
 '
@@ -30,6 +30,7 @@ if config[fqdn]
                target_port = service['target_port']
                target_host = service['target_host']
                local_bind = service['source_bind_port']
+               ssh_options = service['ssh_options'] || ""
 
                lines << "# to #{target_port.to_s}:target_host from local port #{local_bind.to_s}"
                if target_port.nil? or target_host.nil? or local_bind.nil?
@@ -39,6 +40,7 @@ if config[fqdn]
                        p.gsub!('@@TARGET_HOST@@', target_host)
                        p.gsub!('@@TARGET_PORT@@', target_port.to_s)
                        p.gsub!('@@LOCAL_BIND@@', local_bind.to_s)
+                       p.gsub!('@@SSH_OPTIONS@@', ssh_options.to_s)
                        lines << p
                end
        end