Merge branch 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet

* 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet:
  Add women.d.o mail on ravel
  we'll just take valid mail at data time from other d.o hosts
  cert if good enough for data time checks as well for mailrelay
  either make dijkstra relay, or break spohr
  ok, you're starting to make cranky
  put the constraint in the right fact, Steve
  a random test

diff --git a/facts/services.rb b/facts/services.rb
index 6c40cf0..4e84174 100644 (file)
--- a/facts/services.rb
+++ b/facts/services.rb
@@ -1,5 +1,6 @@
 ["bugs","qa"].each do |service|
        Facter.add(service + "_host") do
+                confine :kernel => :linux
                service_name = "#{service}." + Facter.domain
                active = false
 

diff --git a/modules/debian-org/misc/local.yaml b/modules/debian-org/misc/local.yaml
index 7849ac6..93a1a76 100644 (file)
--- a/modules/debian-org/misc/local.yaml
+++ b/modules/debian-org/misc/local.yaml
@@ -84,7 +84,9 @@ footer:
   zelenka.debian.org: "Debian s390 porter system kindly provided by Zentrum fuer Informationsverarbeitung und Informationstechnik [zivit]"
 services:
   bugsmaster: rietz.debian.org
-  mailrelay: spohr.debian.org
+  mailrelay:
+    - dijkstra.debian.org
+    - spohr.debian.org
   packagesmaster: powell.debian.org
   packagesqamaster: master.debian.org
   qamaster: merkel.debian.org

diff --git a/modules/exim/templates/eximconf.erb b/modules/exim/templates/eximconf.erb
index 57067c6..562caff 100644 (file)
--- a/modules/exim/templates/eximconf.erb
+++ b/modules/exim/templates/eximconf.erb
@@ -926,9 +926,6 @@ acl_check_predata:
 
 #!!# ACL that is used after the DATA command
 check_message:
-  require verify = header_syntax
-          message = Invalid syntax in the header
-
 <%=
 out=''
 if nodeinfo['rtmaster']
@@ -964,6 +961,11 @@ out
                             }
           message        = Mail to this address needs to be PGP-signed
 
+  accept verify  = certificate
+
+  require verify = header_syntax
+          message = Invalid syntax in the header
+
 # RFC 822 and 2822 say that headers must be ASCII.  This kinda emulates
 # postfix's strict_7bit_headers option, but only checks a few common problem
 # headers, as there doesn't appear to be an easy way to check them all.

diff --git a/modules/exim/templates/virtualdomains.erb b/modules/exim/templates/virtualdomains.erb
index ab78114..87948d4 100644 (file)
--- a/modules/exim/templates/virtualdomains.erb
+++ b/modules/exim/templates/virtualdomains.erb
@@ -49,6 +49,8 @@ nm.debian.org: user=nm group=nm directory=/org/nm.debian.org/mail/"
         #when "raff.debian.org" then "buildd.debian.org: user=wbadm group=wbadm directory=/srv/buildd.debian.org/mail
 #logs.buildd.debian.org: user=wbadm group=wbadm directory=/srv/logs.buildd.debian.org/mail"
 
+        when "ravel.debian.org" then "women.debian.org: user=nobody group=mujeres directory=/org/women.debian.org/mail"
+
         when "ries.debian.org" then "release.debian.org: user=release group=debian-release directory=/org/release.debian.org/mail
 ftp-master.debian.org: user=dak group=debadmin directory=/srv/ftp.debian.org/mail group_writable=true"