From: Peter Palfrader <peter@palfrader.org>
Date: Sun, 7 Jul 2019 09:38:16 +0000 (+0200)
Subject: Try to add openpgpkey zone
X-Git-Url: https://git.adam-barratt.org.uk/?a=commitdiff_plain;h=66e44c6472622455d3e8b0b892cbce878b86630e;p=mirror%2Fdsa-puppet.git

Try to add openpgpkey zone
---

diff --git a/modules/roles/manifests/keyring.pp b/modules/roles/manifests/keyring.pp
index 9593ca4ec..cafad2b01 100644
--- a/modules/roles/manifests/keyring.pp
+++ b/modules/roles/manifests/keyring.pp
@@ -11,4 +11,26 @@ class roles::keyring {
 	}
 
 	include named::authoritative
+
+	$notify_address = join(getfromhash($site::allnodeinfo, 'denis.debian.org', 'ipHostNumber'), "; ")
+
+	concat::fragment { 'dsa-named-conf-puppet-misc---openpgpkey-zone':
+		target => '/etc/bind/named.conf.puppet-misc',
+		order  => '020',
+		content  => @("EOF"),
+			zone "_openpgpkey.debian.org" {
+				type master;
+					file "/srv/keyring.debian.org/_openpgpkey.debian.org.zone";
+					allow-query { any; };
+					allow-transfer {
+						key tsig-denis.debian.org-kaufmann.debian.org ;
+						127.0.0.1;
+					};
+					also-notify {
+						$notify_address;
+					};
+			}
+			| EOF
+	}
+
 }