use easydns-generated tsig key since need key name to match

author Luca Filipozzi <lfilipoz@emyr.net>

Sat, 8 Mar 2014 21:34:44 +0000 (21:34 +0000)

committer Luca Filipozzi <lfilipoz@emyr.net>

Sat, 8 Mar 2014 21:34:44 +0000 (21:34 +0000)
author Luca Filipozzi <lfilipoz@emyr.net>
Sat, 8 Mar 2014 21:34:44 +0000 (21:34 +0000)
committer Luca Filipozzi <lfilipoz@emyr.net>
Sat, 8 Mar 2014 21:34:44 +0000 (21:34 +0000)
diff --git a/modules/named/templates/named.conf.puppet-shared-keys.erb b/modules/named/templates/named.conf.puppet-shared-keys.erb

index c9e6836..33afad6 100644 (file)
--- a/modules/named/templates/named.conf.puppet-shared-keys.erb
+++ b/modules/named/templates/named.conf.puppet-shared-keys.erb
@@ -18,19 +18,21 @@ lines = []
  pairs.each do |pair|
         next unless pair.include?(fqdn)
         pair.sort!
-       keyname = "tsig-#{pair.join('-')}"
         pair.delete(fqdn)
         other = pair[0]
  
         if other == 'xfr0.easydns.com'
                 remote_ip = ['64.68.200.91']
                 algorithm = "hmac-md5";
+               keyname = "82.195.75.91-key"
+               key = "VoIkCnR5DaI3QP3xtmdCYg=="
         else
                 remote_ip = scope.lookupvar('site::allnodeinfo')[other]['ipHostNumber']
                 algorithm = "hmac-sha256";
+               keyname = "tsig-#{pair.join('-')}"
+               key = scope.function_hkdf(['/etc/puppet/secret', "puppet-key-#{keyname}"])
         end
  
-       key = scope.function_hkdf(['/etc/puppet/secret', "puppet-key-#{keyname}"])
         lines << "key #{keyname} { algorithm #{algorithm}; secret \"#{key}\"; };"
         remote_ip.each do |r|
                 lines << "server #{r} { keys { #{keyname}; }; };"
author	Luca Filipozzi <lfilipoz@emyr.net>
	Sat, 8 Mar 2014 21:34:44 +0000 (21:34 +0000)
committer	Luca Filipozzi <lfilipoz@emyr.net>
	Sat, 8 Mar 2014 21:34:44 +0000 (21:34 +0000)