mirror/dsa-puppet.git
14 years agofirst stab at making puppet figure out info for nagios and munin master
Stephen Gran [Sun, 21 Feb 2010 03:19:04 +0000 (03:19 +0000)]
first stab at making puppet figure out info for nagios and munin master

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agoadd munin and nagios master declarations
Stephen Gran [Sun, 21 Feb 2010 02:59:21 +0000 (02:59 +0000)]
add munin and nagios master declarations

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agoskip munin on fano, as it keeps dying and holding up the show
Stephen Gran [Sun, 21 Feb 2010 02:53:55 +0000 (02:53 +0000)]
skip munin on fano, as it keeps dying and holding up the show

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agoMerge branch 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet
Stephen Gran [Sun, 21 Feb 2010 01:00:30 +0000 (01:00 +0000)]
Merge branch 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet

14 years agoquick, before anybody notices
Peter Palfrader [Sun, 21 Feb 2010 01:01:17 +0000 (02:01 +0100)]
quick, before anybody notices

14 years agofix typo
Stephen Gran [Sun, 21 Feb 2010 01:00:22 +0000 (01:00 +0000)]
fix typo

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agoMerge branch 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet
Peter Palfrader [Sun, 21 Feb 2010 00:59:59 +0000 (01:59 +0100)]
Merge branch 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet

* 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet:
  cleanup a bit

14 years agoweasel addresses
Peter Palfrader [Sun, 21 Feb 2010 00:59:53 +0000 (01:59 +0100)]
weasel addresses

14 years agocleanup a bit
Stephen Gran [Sun, 21 Feb 2010 00:57:40 +0000 (00:57 +0000)]
cleanup a bit

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agoExtra sources.list entry on alkman
Peter Palfrader [Sun, 21 Feb 2010 00:55:04 +0000 (01:55 +0100)]
Extra sources.list entry on alkman

14 years agocorrect munin/nagios ip addresses
Stephen Gran [Sun, 21 Feb 2010 00:44:23 +0000 (00:44 +0000)]
correct munin/nagios ip addresses

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agohow about I add the right ip for weasel?
Stephen Gran [Sun, 21 Feb 2010 00:42:28 +0000 (00:42 +0000)]
how about I add the right ip for weasel?

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agomake v6 logging work; add weasel ip; fix brain damage
Stephen Gran [Sun, 21 Feb 2010 00:39:33 +0000 (00:39 +0000)]
make v6 logging work; add weasel ip; fix brain damage

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agoshuffle
Stephen Gran [Sun, 21 Feb 2010 00:14:01 +0000 (00:14 +0000)]
shuffle

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agoand name it
Stephen Gran [Sun, 21 Feb 2010 00:11:45 +0000 (00:11 +0000)]
and name it

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agoadd log/drop rule
Stephen Gran [Sun, 21 Feb 2010 00:10:46 +0000 (00:10 +0000)]
add log/drop rule

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agoshorten up the typing
Stephen Gran [Sun, 21 Feb 2010 00:03:54 +0000 (00:03 +0000)]
shorten up the typing

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agoobligatory headers
Stephen Gran [Sat, 20 Feb 2010 23:14:33 +0000 (23:14 +0000)]
obligatory headers

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agoscoping fix
Stephen Gran [Sat, 20 Feb 2010 23:07:21 +0000 (23:07 +0000)]
scoping fix

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agoRevert "try without a source for the directory"
Stephen Gran [Sat, 20 Feb 2010 22:49:04 +0000 (22:49 +0000)]
Revert "try without a source for the directory"

This reverts commit a1a623c8c95076d6d2c13c0d8ed81860eae626ee.

14 years agotry without a source for the directory
Stephen Gran [Sat, 20 Feb 2010 22:39:05 +0000 (22:39 +0000)]
try without a source for the directory

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agothis should virtually work
Stephen Gran [Sat, 20 Feb 2010 22:38:08 +0000 (22:38 +0000)]
this should virtually work

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agodammit. ferm is smarter than me
Stephen Gran [Sat, 20 Feb 2010 22:17:32 +0000 (22:17 +0000)]
dammit.  ferm is smarter than me

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agoand actually quote correctly
Stephen Gran [Sat, 20 Feb 2010 22:13:33 +0000 (22:13 +0000)]
and actually quote correctly

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agoadd v4 and v6 any rules
Stephen Gran [Sat, 20 Feb 2010 22:11:43 +0000 (22:11 +0000)]
add v4 and v6 any rules

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agoa few more rules
Stephen Gran [Sat, 20 Feb 2010 21:45:36 +0000 (21:45 +0000)]
a few more rules

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agoreshuffle things around
Stephen Gran [Sat, 20 Feb 2010 21:35:37 +0000 (21:35 +0000)]
reshuffle things around

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agooverride the command run as well
Stephen Gran [Sat, 20 Feb 2010 21:32:33 +0000 (21:32 +0000)]
override the command run as well

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agoput my home subnets in, instead of single ips
Stephen Gran [Sat, 20 Feb 2010 21:26:52 +0000 (21:26 +0000)]
put my home subnets in, instead of single ips

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agopermissions fixup
Stephen Gran [Sat, 20 Feb 2010 21:25:07 +0000 (21:25 +0000)]
permissions fixup

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agofirst stab at making the rules appear without doing anything
Stephen Gran [Sat, 20 Feb 2010 21:21:55 +0000 (21:21 +0000)]
first stab at making the rules appear without doing anything

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agoactually inherit from ferm in subclass
Stephen Gran [Sat, 20 Feb 2010 21:09:16 +0000 (21:09 +0000)]
actually inherit from ferm in subclass

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agowhat can possibly go wrong, take 2
Stephen Gran [Sat, 20 Feb 2010 21:08:36 +0000 (21:08 +0000)]
what can possibly go wrong, take 2

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agowhat can possibly go wrong
Stephen Gran [Sat, 20 Feb 2010 21:07:54 +0000 (21:07 +0000)]
what can possibly go wrong

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agoand remove random extra keyword
Stephen Gran [Sat, 20 Feb 2010 20:48:57 +0000 (20:48 +0000)]
and remove random extra keyword

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agoapparently this is a known bug only for icmp - make target match all protocols but...
Stephen Gran [Sat, 20 Feb 2010 20:48:14 +0000 (20:48 +0000)]
apparently this is a known bug only for icmp - make target match all protocols but only after icmp accept

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agoa few more rules
Stephen Gran [Sat, 20 Feb 2010 20:44:18 +0000 (20:44 +0000)]
a few more rules

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agomove INVALID handler after ICMP handler due to ip6tables bug
Stephen Gran [Sat, 20 Feb 2010 20:38:36 +0000 (20:38 +0000)]
move INVALID handler after ICMP handler due to ip6tables bug

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agoadd v6, possibly not brokenly this time
Stephen Gran [Sat, 20 Feb 2010 20:27:04 +0000 (20:27 +0000)]
add v6, possibly not brokenly this time

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agomight work better
Stephen Gran [Sat, 20 Feb 2010 20:21:55 +0000 (20:21 +0000)]
might work better

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agohow bad can this go
Stephen Gran [Sat, 20 Feb 2010 20:20:29 +0000 (20:20 +0000)]
how bad can this go

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agofail open
Stephen Gran [Sat, 20 Feb 2010 20:05:27 +0000 (20:05 +0000)]
fail open

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agotry it with several ips
Stephen Gran [Sat, 20 Feb 2010 20:00:43 +0000 (20:00 +0000)]
try it with several ips

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agoreload ferm on rule change
Stephen Gran [Sat, 20 Feb 2010 19:58:55 +0000 (19:58 +0000)]
reload ferm on rule change

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agomaybe this is not wrong, take 7
Stephen Gran [Sat, 20 Feb 2010 19:57:49 +0000 (19:57 +0000)]
maybe this is not wrong, take 7

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agomaybe this is not wrong, take 6
Stephen Gran [Sat, 20 Feb 2010 19:54:03 +0000 (19:54 +0000)]
maybe this is not wrong, take 6

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agomaybe this is not wrong, take 5
Stephen Gran [Sat, 20 Feb 2010 19:53:21 +0000 (19:53 +0000)]
maybe this is not wrong, take 5

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agomaybe this is not wrong, take 4
Stephen Gran [Sat, 20 Feb 2010 19:52:03 +0000 (19:52 +0000)]
maybe this is not wrong, take 4

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agomaybe this is not wrong, take 3
Stephen Gran [Sat, 20 Feb 2010 19:49:29 +0000 (19:49 +0000)]
maybe this is not wrong, take 3

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agomaybe this is not wrong, take 2
Stephen Gran [Sat, 20 Feb 2010 19:48:55 +0000 (19:48 +0000)]
maybe this is not wrong, take 2

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agomaybe this is not wrong
Stephen Gran [Sat, 20 Feb 2010 19:48:18 +0000 (19:48 +0000)]
maybe this is not wrong

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agofix syntax for ferm now ...
Stephen Gran [Sat, 20 Feb 2010 19:42:44 +0000 (19:42 +0000)]
fix syntax for ferm now ...

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agotry not to screw up template syntax
Stephen Gran [Sat, 20 Feb 2010 19:40:28 +0000 (19:40 +0000)]
try not to screw up template syntax

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agoget variable right
Stephen Gran [Sat, 20 Feb 2010 19:39:05 +0000 (19:39 +0000)]
get variable right

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agofirst try at local conf
Stephen Gran [Sat, 20 Feb 2010 19:38:11 +0000 (19:38 +0000)]
first try at local conf

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agoan include that works
Stephen Gran [Sat, 20 Feb 2010 16:23:52 +0000 (16:23 +0000)]
an include that works

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agoactually ship ferm.conf
Stephen Gran [Sat, 20 Feb 2010 16:21:48 +0000 (16:21 +0000)]
actually ship ferm.conf

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agooops
Stephen Gran [Sat, 20 Feb 2010 16:19:02 +0000 (16:19 +0000)]
oops

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agolet's see if this works
Stephen Gran [Sat, 20 Feb 2010 16:18:19 +0000 (16:18 +0000)]
let's see if this works

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agoadd ferm to logtest
Stephen Gran [Sat, 20 Feb 2010 14:14:53 +0000 (14:14 +0000)]
add ferm to logtest

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agobare start of ferm rules
Stephen Gran [Sat, 20 Feb 2010 14:08:50 +0000 (14:08 +0000)]
bare start of ferm rules

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agoit's $php5, not $php
Stephen Gran [Sat, 20 Feb 2010 12:49:37 +0000 (12:49 +0000)]
it's $php5, not $php

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agowhy do you try to hurt me, oh puppet?
Stephen Gran [Sat, 20 Feb 2010 12:45:57 +0000 (12:45 +0000)]
why do you try to hurt me, oh puppet?

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agoactually make case statement useful
Stephen Gran [Sat, 20 Feb 2010 12:43:01 +0000 (12:43 +0000)]
actually make case statement useful

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agooh, yes, define suhosin package
Stephen Gran [Sat, 20 Feb 2010 12:41:27 +0000 (12:41 +0000)]
oh, yes, define suhosin package

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agotry managing suhosin with puppet
Stephen Gran [Sat, 20 Feb 2010 12:39:14 +0000 (12:39 +0000)]
try managing suhosin with puppet

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agoIgnore local libdns-ruby1.8 on draghi
Peter Palfrader [Fri, 19 Feb 2010 11:14:38 +0000 (12:14 +0100)]
Ignore local libdns-ruby1.8 on draghi

14 years agoRemove 192/27.211.177.194.in-addr.arpa
Peter Palfrader [Wed, 17 Feb 2010 11:33:42 +0000 (12:33 +0100)]
Remove 192/27.211.177.194.in-addr.arpa

14 years agoMerge branch 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet
Peter Palfrader [Wed, 17 Feb 2010 11:25:38 +0000 (12:25 +0100)]
Merge branch 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet

* 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet:
  Try making monit on squeeze work

14 years agoAlso do secondary for 192-27.211.177.194.in-addr.arpa
Peter Palfrader [Wed, 17 Feb 2010 11:25:28 +0000 (12:25 +0100)]
Also do secondary for 192-27.211.177.194.in-addr.arpa

We are transitioning from 192/27.211.177.194.in-addr.arpa
to 192-27.211.177.194.in-addr.arpa.

14 years agoTry making monit on squeeze work
Peter Palfrader [Tue, 16 Feb 2010 02:09:39 +0000 (03:09 +0100)]
Try making monit on squeeze work

14 years agoIgnore local packages libnet-dns-perl, libnet-dns-sec-perl, libnet-dns-zone-parser...
Peter Palfrader [Sun, 14 Feb 2010 20:59:45 +0000 (21:59 +0100)]
Ignore local packages libnet-dns-perl, libnet-dns-sec-perl, libnet-dns-zone-parser-perl on draghi

14 years agoEnable DNSsec on our secondaries
Peter Palfrader [Sun, 14 Feb 2010 19:25:22 +0000 (20:25 +0100)]
Enable DNSsec on our secondaries

14 years agoRevert "Enable DNSsec on our secondaries"
Peter Palfrader [Sun, 14 Feb 2010 19:24:55 +0000 (20:24 +0100)]
Revert "Enable DNSsec on our secondaries"

This reverts commit 95667ea99af27b67bce5097c39d135a3155a1a9f.

14 years agoEnable DNSsec on our secondaries
Peter Palfrader [Sun, 14 Feb 2010 19:19:43 +0000 (20:19 +0100)]
Enable DNSsec on our secondaries

14 years agorietz will not be secondary nameserver much longer, but orff is
Peter Palfrader [Sun, 14 Feb 2010 16:39:20 +0000 (17:39 +0100)]
rietz will not be secondary nameserver much longer, but orff is

14 years agoSteal sudoers passprompt from aba's setup
Peter Palfrader [Sat, 13 Feb 2010 17:29:34 +0000 (18:29 +0100)]
Steal sudoers passprompt from aba's setup

14 years agoUpdate key stuff for beethoven/bartok
Peter Palfrader [Fri, 12 Feb 2010 10:53:57 +0000 (11:53 +0100)]
Update key stuff for beethoven/bartok

14 years agonagios can run arcconf on beethoven
Peter Palfrader [Thu, 11 Feb 2010 21:54:52 +0000 (22:54 +0100)]
nagios can run arcconf on beethoven

14 years agospohr no longer is nagios
Peter Palfrader [Thu, 11 Feb 2010 12:36:50 +0000 (13:36 +0100)]
spohr no longer is nagios

14 years agoball also wants to play with mailout.d.o
Martin Zobel-Helas [Mon, 8 Feb 2010 21:52:04 +0000 (22:52 +0100)]
ball also wants to play with mailout.d.o

14 years agoIgnore deletes of lvm stuff on buildds
Peter Palfrader [Sun, 7 Feb 2010 19:16:03 +0000 (20:16 +0100)]
Ignore deletes of lvm stuff on buildds

14 years agopowell has newer e2fstools for ext4
Stephen Gran [Sun, 7 Feb 2010 06:11:38 +0000 (06:11 +0000)]
powell has newer e2fstools for ext4

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agonew nagios gets same samhainrc as old
Stephen Gran [Sun, 7 Feb 2010 05:53:42 +0000 (05:53 +0000)]
new nagios gets same samhainrc as old

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agomore tchaikovsky
Stephen Gran [Sat, 6 Feb 2010 14:04:15 +0000 (14:04 +0000)]
more tchaikovsky

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agoadd new nagios server to bind acls
Stephen Gran [Sat, 6 Feb 2010 13:37:39 +0000 (13:37 +0000)]
add new nagios server to bind acls

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agoadd new nagios server
Stephen Gran [Sat, 6 Feb 2010 13:13:02 +0000 (13:13 +0000)]
add new nagios server

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agoadd new nagios server
Stephen Gran [Sat, 6 Feb 2010 12:04:40 +0000 (12:04 +0000)]
add new nagios server

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agoyet another suhosin path
Stephen Gran [Fri, 5 Feb 2010 19:26:48 +0000 (19:26 +0000)]
yet another suhosin path

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agoadd ZIVITHOSTS for sudo
Stephen Gran [Fri, 5 Feb 2010 08:57:19 +0000 (08:57 +0000)]
add ZIVITHOSTS for sudo

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agoadd suhosin check; fix whitespace
Stephen Gran [Fri, 5 Feb 2010 00:27:21 +0000 (00:27 +0000)]
add suhosin check; fix whitespace

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agoMerge branch 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet
Stephen Gran [Fri, 5 Feb 2010 00:17:03 +0000 (00:17 +0000)]
Merge branch 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet

14 years agoadd php5 fact
Stephen Gran [Fri, 5 Feb 2010 00:15:35 +0000 (00:15 +0000)]
add php5 fact

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agomundy buildd
Peter Palfrader [Wed, 3 Feb 2010 22:46:08 +0000 (23:46 +0100)]
mundy buildd

14 years agoAdd caballero to buildd
Peter Palfrader [Wed, 3 Feb 2010 16:52:15 +0000 (17:52 +0100)]
Add caballero to buildd

14 years agoIgnore /etc/lvm on all buildds
Peter Palfrader [Wed, 3 Feb 2010 10:44:48 +0000 (11:44 +0100)]
Ignore /etc/lvm on all buildds

14 years agoAdd beethoven
Peter Palfrader [Tue, 2 Feb 2010 20:47:58 +0000 (21:47 +0100)]
Add beethoven

14 years agoMerge branch 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet
Peter Palfrader [Sun, 31 Jan 2010 21:40:33 +0000 (22:40 +0100)]
Merge branch 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet

* 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet:
  add aacraid fact
  add alkman.debian.org
  add purcell to mailout

14 years agoIgnore lvm changes on alkman
Peter Palfrader [Sun, 31 Jan 2010 21:40:26 +0000 (22:40 +0100)]
Ignore lvm changes on alkman

14 years agoadd aacraid fact
Stephen Gran [Sun, 31 Jan 2010 17:04:23 +0000 (17:04 +0000)]
add aacraid fact

Signed-off-by: Stephen Gran <steve@lobefin.net>