--- /dev/null
+#!/bin/bash
+
+# Copyright 2012 Peter Palfrader
+
+l=/var/run/reboot-lock
+exec 3> $l
+
+if ! flock --exclusive -w 0 3; then
+ echo 2>&1 "Cannot acquire reboot lock."
+ exit 1
+fi
+echo "Reboot lock acquired."
+
+ppid="$PPID"
+(
+ while kill -0 "$ppid" 2>/dev/null; do
+ sleep 1
+ done
+) &
+disown
+exit 0
echo 1 > /proc/sys/kernel/modules_disabled || true
) & disown
fi
+
+touch /var/run/reboot-lock
"less": ensure => installed;
"lsb-release": ensure => installed;
"libfilesystem-ruby1.8": ensure => installed;
+ "molly-guard": ensure => installed;
"mtr-tiny": ensure => installed;
"nload": ensure => installed;
"pciutils": ensure => installed;
"rsyslog": ensure => purged;
"sysklogd": ensure => purged;
}
+ case getfromhash($nodeinfo, 'broken-rtc') {
+ true: {
+ package {
+ fake-hwclock: ensure => installed;
+ }
+ }
+ }
case $debarchitecture {
"armhf": {}
default: {
source => "puppet:///modules/debian-org/rc.local",
notify => Exec["rc.local start"],
;
+ "/etc/molly-guard/run.d/15-acquire-reboot-lock":
+ mode => 0755,
+ source => "puppet:///modules/debian-org/molly-guard-acquire-reboot-lock",
+ require => Package["molly-guard"],
+ ;
"/etc/dsa":
mode => 0755,
- abel.debian.org
- alain.debian.org
- alwyn.debian.org
+ - ancina.debian.org
- antheil.debian.org
- arne.debian.org
- arnold.debian.org
- ball.debian.org
+ - lucatelli.debian.org
- rem.debian.org
- sompek.debian.org
buildd:
end
purp += " porterbox\n"
purp += "\n"
- purp += "See 'dchroot -l' for a list of available chroots.\n"
+ purp += "See 'dchroot -l' or 'schroot -l' for a list of available chroots.\n"
if nodeinfo['ldap'].has_key?('admin')
purp += "Please contact #{nodeinfo['ldap']['admin'][0]} for install requests,\n"
purp += "following the recommendations in <URL:http://dsa.debian.org/doc/install-req/>.\n"
+++ /dev/null
-##
-## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE.
-##
-
-# The settings in this file are used by the program ntpdate-debian, but not
-# by the upstream program ntpdate.
-
-# Set to "yes" to take the server list from /etc/ntp.conf, from package ntp,
-# so you only have to keep it in one place.
-NTPDATE_USE_NTP_CONF=no
-
-# List of NTP servers to use (Separate multiple servers with spaces.)
-# Not used if NTPDATE_USE_NTP_CONF is yes.
-# merikanto 86.59.118.147
-# orff 194.177.211.209
-# ravel 206.12.19.5
-# busoni 140.211.15.34
-NTPSERVERS="86.59.118.147 194.177.211.209 206.12.19.5 140.211.15.34"
-
-# Additional options to pass to ntpdate
-NTPOPTIONS=""
owner => root,
group => root,
mode => 444,
- source => [ "puppet:///modules/ntpdate/etc-default-ntpdate" ],
+ content => template("ntpdate/etc-default-ntpdate.erb"),
;
}
}
--- /dev/null
+##
+## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE.
+##
+
+# The settings in this file are used by the program ntpdate-debian, but not
+# by the upstream program ntpdate.
+
+# Set to "yes" to take the server list from /etc/ntp.conf, from package ntp,
+# so you only have to keep it in one place.
+NTPDATE_USE_NTP_CONF=no
+
+# List of NTP servers to use (Separate multiple servers with spaces.)
+# Not used if NTPDATE_USE_NTP_CONF is yes.
+NTPSERVERS=""
+<%=
+ out = []
+ if fqdn == "ancina.debian.org"
+ ntpservers = %w{ntp.ugent.be}
+ else
+ ntpservers = %w{merikanto.debian.org orff.debian.org ravel.debian.org busoni.debian.org}
+ end
+
+ require 'resolv'
+ ntpservers.each do |n|
+ begin
+ ip = Resolv.getaddress(n)
+ out << "NTPSERVERS=\"$NTPSERVERS #{ip}\" # #{n}"
+ rescue Resolv::ResolvError => e
+ out << "# Failed to resolve #{n}"
+ end
+ end
+ out.join("\n")
+%>
+
+# Additional options to pass to ntpdate
+NTPOPTIONS=""
file=/var/state/samhain/samhain_file
file=/etc/bind/zones/db.debian.net
file=/etc/exim4/bsmtp
+file=/etc/fake-hwclock.data
<% if classes.include?("named::geodns") -%>
file=/etc/bind
file=/etc/bind/named.conf.acl