From: Peter Palfrader <peter@palfrader.org>
Date: Sun, 9 Oct 2016 11:31:21 +0000 (+0200)
Subject: disable TLSA for api.ftp-master, lists, and udd
X-Git-Url: https://git.adam-barratt.org.uk/?a=commitdiff_plain;h=ee173b8b353548a2a6a5ac1037f32174c26b8603;p=mirror%2Fdsa-puppet.git

disable TLSA for api.ftp-master, lists, and udd
---

diff --git a/modules/roles/manifests/init.pp b/modules/roles/manifests/init.pp
index 1d7282435..a6e0965b4 100644
--- a/modules/roles/manifests/init.pp
+++ b/modules/roles/manifests/init.pp
@@ -58,6 +58,7 @@ class roles {
 	if has_role('api.ftp-master') {
 		ssl::service { 'api.ftp-master.debian.org':
 			notify  => Exec['service apache2 reload'],
+			tlsaport => 0,
 		}
 	}
 
diff --git a/modules/roles/manifests/lists.pp b/modules/roles/manifests/lists.pp
index ace2b25cc..d1d9d237f 100644
--- a/modules/roles/manifests/lists.pp
+++ b/modules/roles/manifests/lists.pp
@@ -1,6 +1,7 @@
 class roles::lists {
 	ssl::service { 'lists.debian.org':
 		notify  => Exec['service apache2 reload'],
+		tlsaport => 0,
 	}
 
 	dnsextras::tlsa_record{ 'tlsa-mailport':
diff --git a/modules/roles/manifests/udd.pp b/modules/roles/manifests/udd.pp
index fe9abbae1..ea81cdf56 100644
--- a/modules/roles/manifests/udd.pp
+++ b/modules/roles/manifests/udd.pp
@@ -1,5 +1,6 @@
 class roles::udd {
 	ssl::service { 'udd.debian.org':
 		notify  => Exec['service apache2 reload'],
+		tlsaport => 0,
 	}
 }