projects / mirror / dsa-puppet.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 29cbe59)
And maintain the geodnssync authkeys file on the primary in puppet too
authorPeter Palfrader <peter@palfrader.org>
Sat, 7 Sep 2019 21:52:16 +0000 (23:52 +0200)
committerPeter Palfrader <peter@palfrader.org>
Sat, 7 Sep 2019 21:52:16 +0000 (23:52 +0200)
modules/roles/manifests/dns_geodns.pp patch | blob | history
modules/roles/manifests/dns_primary.pp patch | blob | history

diff --git a/modules/roles/manifests/dns_geodns.pp b/modules/roles/manifests/dns_geodns.pp
index f2197c5..80ac29a 100644 (file)
--- a/modules/roles/manifests/dns_geodns.pp
+++ b/modules/roles/manifests/dns_geodns.pp
@@ -3,6 +3,12 @@ class roles::dns_geodns {
   include named::geodns
 
   ssh::keygen { 'geodnssync': }
+  ssh::authorized_key_add { 'dns_geodns::pull-from-primary':
+    target_user => 'geodnssync',
+    command     => '/usr/bin/rsync --server --sender -logDtprze.iL . zonefiles/',
+    key         => $facts['geodnssync_key'],
+    collect_tag => 'dns_primary',
+  }
 
   ssh::authorized_key_collect { 'geodnssync-node':
     target_user => 'geodnssync',
diff --git a/modules/roles/manifests/dns_primary.pp b/modules/roles/manifests/dns_primary.pp
index 193cf61..7e4327a 100644 (file)
--- a/modules/roles/manifests/dns_primary.pp
+++ b/modules/roles/manifests/dns_primary.pp
@@ -10,8 +10,12 @@ class roles::dns_primary {
     target_user => 'letsencrypt',
     collect_tag => 'dns_primary',
   }
-  ssh::keygen {'dnsadm': }
+  ssh::authorized_key_collect { 'dns_primary-geodnssync':
+    target_user => 'geodnssync',
+    collect_tag => 'dns_primary',
+  }
 
+  ssh::keygen {'dnsadm': }
   ssh::authorized_key_add { 'dns_primary::geodns':
     target_user => 'geodnssync',
     command     => '/etc/bind/geodns/trigger',
Unnamed repository; edit this file 'description' to name the repository.