Stephen Gran [Sat, 26 Sep 2009 09:32:29 +0000 (10:32 +0100)]
still picky erb
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sat, 26 Sep 2009 09:29:36 +0000 (10:29 +0100)]
picky picky erb
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sat, 26 Sep 2009 09:27:08 +0000 (10:27 +0100)]
silly typo
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sat, 26 Sep 2009 09:25:31 +0000 (10:25 +0100)]
inc-debian.org now a template
Signed-off-by: Stephen Gran <steve@lobefin.net>
Peter Palfrader [Sat, 26 Sep 2009 08:45:35 +0000 (10:45 +0200)]
Remove samosa from nrpe allowed hosts, add draghi
Stephen Gran [Sat, 26 Sep 2009 08:16:46 +0000 (09:16 +0100)]
Merge branch 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet
Stephen Gran [Sat, 26 Sep 2009 08:16:37 +0000 (09:16 +0100)]
looks like I broke this when switching to named variables
Signed-off-by: Stephen Gran <steve@lobefin.net>
Peter Palfrader [Fri, 25 Sep 2009 09:12:16 +0000 (11:12 +0200)]
remove $tempoutput in the scope we create it - else we end up with removing unbound variables sometimes
Peter Palfrader [Fri, 25 Sep 2009 09:04:07 +0000 (11:04 +0200)]
Merge branch 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet
* 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet:
Add women.d.o mail on ravel
we'll just take valid mail at data time from other d.o hosts
cert if good enough for data time checks as well for mailrelay
either make dijkstra relay, or break spohr
ok, you're starting to make cranky
put the constraint in the right fact, Steve
a random test
Peter Palfrader [Fri, 25 Sep 2009 09:03:51 +0000 (11:03 +0200)]
Add bugs to geo zones
Peter Palfrader [Thu, 24 Sep 2009 20:31:36 +0000 (22:31 +0200)]
Add women.d.o mail on ravel
Stephen Gran [Wed, 23 Sep 2009 20:46:17 +0000 (21:46 +0100)]
we'll just take valid mail at data time from other d.o hosts
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Wed, 23 Sep 2009 20:26:38 +0000 (21:26 +0100)]
cert if good enough for data time checks as well for mailrelay
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Wed, 23 Sep 2009 20:08:14 +0000 (21:08 +0100)]
either make dijkstra relay, or break spohr
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Tue, 22 Sep 2009 23:47:24 +0000 (00:47 +0100)]
ok, you're starting to make cranky
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Tue, 22 Sep 2009 23:45:39 +0000 (00:45 +0100)]
put the constraint in the right fact, Steve
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Tue, 22 Sep 2009 23:21:46 +0000 (00:21 +0100)]
Merge branch 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet
Stephen Gran [Tue, 22 Sep 2009 23:21:39 +0000 (00:21 +0100)]
a random test
Signed-off-by: Stephen Gran <steve@lobefin.net>
Peter Palfrader [Tue, 22 Sep 2009 23:19:06 +0000 (01:19 +0200)]
sources cleanup
Peter Palfrader [Tue, 22 Sep 2009 23:18:40 +0000 (01:18 +0200)]
Also do not volatile and backports on squeeze machines
Peter Palfrader [Tue, 22 Sep 2009 23:15:55 +0000 (01:15 +0200)]
with templates it is content
Stephen Gran [Tue, 22 Sep 2009 23:13:27 +0000 (00:13 +0100)]
Merge branch 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet
Stephen Gran [Tue, 22 Sep 2009 23:13:24 +0000 (00:13 +0100)]
no, really, path
Signed-off-by: Stephen Gran <steve@lobefin.net>
Peter Palfrader [Tue, 22 Sep 2009 23:12:13 +0000 (01:12 +0200)]
Revert "Revert "try some template magic""
This reverts commit
22ff227cc4266957cb45c731f0e26339116877d2.
Stephen Gran [Tue, 22 Sep 2009 23:11:58 +0000 (00:11 +0100)]
path
Signed-off-by: Stephen Gran <steve@lobefin.net>
Peter Palfrader [Tue, 22 Sep 2009 23:11:52 +0000 (01:11 +0200)]
Merge branch 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet
* 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet:
path
Peter Palfrader [Tue, 22 Sep 2009 23:11:46 +0000 (01:11 +0200)]
Include nodeinfo first thing
Peter Palfrader [Tue, 22 Sep 2009 23:07:08 +0000 (01:07 +0200)]
Revert "try some template magic"
This reverts commit
60d7aa2172197ae09aeab97295330f3281f8b282.
Peter Palfrader [Tue, 22 Sep 2009 23:03:42 +0000 (01:03 +0200)]
try some template magic
Stephen Gran [Tue, 22 Sep 2009 23:01:16 +0000 (00:01 +0100)]
and move buildd list to its module
Signed-off-by: Stephen Gran <steve@lobefin.net>
Peter Palfrader [Tue, 22 Sep 2009 22:56:28 +0000 (00:56 +0200)]
Merge branch 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet
* 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet:
oops, dependency loop
Peter Palfrader [Tue, 22 Sep 2009 22:56:25 +0000 (00:56 +0200)]
silly git
Stephen Gran [Tue, 22 Sep 2009 22:52:36 +0000 (23:52 +0100)]
Merge branch 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet
Stephen Gran [Tue, 22 Sep 2009 22:52:28 +0000 (23:52 +0100)]
oops, dependency loop
Signed-off-by: Stephen Gran <steve@lobefin.net>
Peter Palfrader [Tue, 22 Sep 2009 22:50:58 +0000 (00:50 +0200)]
Make sources.list.d entries into templates
Peter Palfrader [Tue, 22 Sep 2009 22:44:52 +0000 (00:44 +0200)]
and fano and finzi are on squeeze
Peter Palfrader [Tue, 22 Sep 2009 22:44:05 +0000 (00:44 +0200)]
fano and finzi are buildds
Peter Palfrader [Tue, 22 Sep 2009 22:43:43 +0000 (00:43 +0200)]
Let fano and finzi relay via dijkstra
Peter Palfrader [Tue, 22 Sep 2009 22:43:04 +0000 (00:43 +0200)]
Add fano and finzi to dedications
Peter Palfrader [Tue, 22 Sep 2009 22:26:16 +0000 (00:26 +0200)]
the correct IP address can only help
Peter Palfrader [Tue, 22 Sep 2009 22:25:29 +0000 (00:25 +0200)]
Make dijkstra relay for finzi - I wonder if that works
Stephen Gran [Tue, 22 Sep 2009 22:15:48 +0000 (23:15 +0100)]
a few more bsd exclusions
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Tue, 22 Sep 2009 22:13:43 +0000 (23:13 +0100)]
variable fixup
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Tue, 22 Sep 2009 22:10:42 +0000 (23:10 +0100)]
path fix
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Tue, 22 Sep 2009 22:06:35 +0000 (23:06 +0100)]
move syslog-ng.conf to a template for bsd
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Tue, 22 Sep 2009 20:22:16 +0000 (21:22 +0100)]
unnecessary to constrain this to a linux kernel
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sun, 20 Sep 2009 11:44:16 +0000 (12:44 +0100)]
another missing dependency
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sun, 20 Sep 2009 11:37:17 +0000 (12:37 +0100)]
maybe this will be nicer
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sun, 20 Sep 2009 11:31:33 +0000 (12:31 +0100)]
Merge branch 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet
Stephen Gran [Sun, 20 Sep 2009 11:31:30 +0000 (12:31 +0100)]
get a few more file => package dependencies right
Signed-off-by: Stephen Gran <steve@lobefin.net>
Peter Palfrader [Sun, 20 Sep 2009 10:47:18 +0000 (12:47 +0200)]
Remove allegri from spohr's manualroute
Stephen Gran [Sat, 19 Sep 2009 16:38:12 +0000 (17:38 +0100)]
some pretty printing
Signed-off-by: Stephen Gran <steve@lobefin.net>
Peter Palfrader [Thu, 17 Sep 2009 21:46:05 +0000 (23:46 +0200)]
Try to ignore all of /etc/bind/geodns
Peter Palfrader [Thu, 17 Sep 2009 12:07:31 +0000 (14:07 +0200)]
Add packages.d.o to geo
Peter Palfrader [Thu, 17 Sep 2009 12:01:11 +0000 (14:01 +0200)]
Use autogenerated recvconf and named config
Peter Palfrader [Thu, 17 Sep 2009 10:39:52 +0000 (12:39 +0200)]
We do not ship a named.conf.geo.$zone file using recvfiles
Peter Palfrader [Wed, 16 Sep 2009 16:42:57 +0000 (18:42 +0200)]
Get rid of video
Peter Palfrader [Tue, 15 Sep 2009 21:33:32 +0000 (23:33 +0200)]
Merge branch 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet
* 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet:
reverse zone on slaves
another blacklist entry
blacklist *@piekmarketing.eu for spam
Peter Palfrader [Tue, 15 Sep 2009 21:33:27 +0000 (23:33 +0200)]
ipv6 address for schumann
Stephen Gran [Tue, 15 Sep 2009 19:12:36 +0000 (20:12 +0100)]
reverse zone on slaves
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Mon, 14 Sep 2009 20:41:29 +0000 (21:41 +0100)]
another blacklist entry
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Thu, 10 Sep 2009 19:31:57 +0000 (20:31 +0100)]
blacklist *@piekmarketing.eu for spam
Signed-off-by: Stephen Gran <steve@lobefin.net>
Peter Palfrader [Sun, 6 Sep 2009 22:55:00 +0000 (00:55 +0200)]
raff no longer is buildd, w-b and keyring - remove from backup ssh keys
Peter Palfrader [Sun, 6 Sep 2009 22:52:34 +0000 (00:52 +0200)]
Add cimarosa with /etc and w-b and buildd
Peter Palfrader [Sun, 6 Sep 2009 22:36:14 +0000 (00:36 +0200)]
Add respighi with /etc and patch-tracker
Peter Palfrader [Sun, 6 Sep 2009 18:11:03 +0000 (20:11 +0200)]
Merge branch 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet
* 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet:
apache is weird
Oh puppet, you are so picky
Make rlimitmem host dependent
Make ressource-limits a template
Peter Palfrader [Sun, 6 Sep 2009 18:10:41 +0000 (20:10 +0200)]
set /etc/mailname
Peter Palfrader [Sat, 5 Sep 2009 16:31:02 +0000 (18:31 +0200)]
apache is weird
Peter Palfrader [Sat, 5 Sep 2009 15:34:19 +0000 (17:34 +0200)]
Oh puppet, you are so picky
Peter Palfrader [Sat, 5 Sep 2009 15:33:19 +0000 (17:33 +0200)]
Make rlimitmem host dependent
Peter Palfrader [Sat, 5 Sep 2009 15:32:20 +0000 (17:32 +0200)]
Make ressource-limits a template
Peter Palfrader [Sat, 5 Sep 2009 14:24:24 +0000 (16:24 +0200)]
double RLimitMEM to 64m
Peter Palfrader [Sat, 5 Sep 2009 14:09:52 +0000 (16:09 +0200)]
disable buildd related vdomains on raff. remove logs.buildd vdomain on cimarosa
Peter Palfrader [Wed, 2 Sep 2009 08:44:40 +0000 (10:44 +0200)]
patch-tracker sudo to patch-tracker
Peter Palfrader [Tue, 1 Sep 2009 14:04:02 +0000 (16:04 +0200)]
Add respighi to apache stuff
Peter Palfrader [Sat, 29 Aug 2009 07:23:09 +0000 (09:23 +0200)]
remove edit artefact
Peter Palfrader [Sat, 29 Aug 2009 07:18:56 +0000 (09:18 +0200)]
dannf installed newer udev on peri and penalosa
Peter Palfrader [Sat, 29 Aug 2009 07:12:59 +0000 (09:12 +0200)]
Install zivit's new zabbix-agent and rrdcollect on zelenka
Peter Palfrader [Sat, 29 Aug 2009 07:00:50 +0000 (09:00 +0200)]
nagios sudo arcconf on paganini,respighi,vivaldi
Peter Palfrader [Fri, 28 Aug 2009 21:15:42 +0000 (23:15 +0200)]
Oh ssh, why are you /that/ picky
Peter Palfrader [Fri, 28 Aug 2009 20:44:00 +0000 (22:44 +0200)]
Add dedications for paganini, respighi, vivaldi
Peter Palfrader [Fri, 28 Aug 2009 20:29:06 +0000 (22:29 +0200)]
Danger, Will Robinson. We need to create etc/ssh/userkeys - else we lock ourselves out nicely
Peter Palfrader [Thu, 27 Aug 2009 14:44:46 +0000 (16:44 +0200)]
Set alternatives for editor
Peter Palfrader [Wed, 26 Aug 2009 09:50:50 +0000 (11:50 +0200)]
Merge branch 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet
* 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet:
Ignore /etc/apache2/conf.d/ressource-limits
set apache ressource limits (RT#1481)
more hosts use default buildd software
lebrun becomes standard buildd
Peter Palfrader [Wed, 26 Aug 2009 08:43:23 +0000 (10:43 +0200)]
Run puppet sync with timeout(1) if it's installed
Peter Palfrader [Sun, 23 Aug 2009 13:06:10 +0000 (15:06 +0200)]
Ignore /etc/apache2/conf.d/ressource-limits
Peter Palfrader [Sun, 23 Aug 2009 08:31:00 +0000 (10:31 +0200)]
set apache ressource limits (RT#1481)
Martin Zobel-Helas [Thu, 20 Aug 2009 11:43:42 +0000 (13:43 +0200)]
more hosts use default buildd software
Martin Zobel-Helas [Wed, 19 Aug 2009 15:50:00 +0000 (17:50 +0200)]
lebrun becomes standard buildd
Peter Palfrader [Tue, 18 Aug 2009 21:25:11 +0000 (23:25 +0200)]
a dir and a file to ignore
Faidon Liambotis [Fri, 14 Aug 2009 01:24:39 +0000 (04:24 +0300)]
set /proc/sys/vm/mmap_min_addr to 4096
This prohibits userland to mmap() page 0 and therefore mitigates
exploits that use NULL-pointer dereference vulnerabilities in the
kernel.
Introduce a sysctl puppet definition for this that can be used to set
other sysctl knobs as well.
Signed-off-by: Peter Palfrader <peter@palfrader.org>
Peter Palfrader [Sun, 16 Aug 2009 09:43:04 +0000 (11:43 +0200)]
Also do not ignore this
Peter Palfrader [Sun, 16 Aug 2009 01:04:44 +0000 (03:04 +0200)]
Revert "samhain ignore /etc/ssh/userkeys since we now ship a file under it. Sigh"
Let's not do this.
This reverts commit
7f521b2d1ef66a10c884e46613c8dacc40235640.
Stephen Gran [Sun, 16 Aug 2009 00:26:17 +0000 (01:26 +0100)]
samhain ignore /etc/ssh/userkeys since we now ship a file under it. Sigh
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sun, 16 Aug 2009 00:14:48 +0000 (01:14 +0100)]
um, we probably want all those extra keys on bartok
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sat, 15 Aug 2009 19:24:22 +0000 (20:24 +0100)]
syntax error
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sat, 15 Aug 2009 10:30:35 +0000 (11:30 +0100)]
what can possibly go wrong
Signed-off-by: Stephen Gran <steve@lobefin.net>
Peter Palfrader [Wed, 12 Aug 2009 13:59:12 +0000 (15:59 +0200)]
I suspect this wants an end
Peter Palfrader [Wed, 12 Aug 2009 10:02:24 +0000 (12:02 +0200)]
And deploy default apache config to widor
Peter Palfrader [Wed, 12 Aug 2009 08:30:00 +0000 (10:30 +0200)]
Merge branch 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet
* 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet:
ignore /etc/bind as well
Make bind write to a subdirectory of /var/log
projects / mirror / dsa-puppet.git / log