Peter Palfrader [Wed, 27 May 2009 19:04:50 +0000 (21:04 +0200)]
Add a umask 077 for good measure
Peter Palfrader [Wed, 27 May 2009 19:03:43 +0000 (21:03 +0200)]
Get filelist from the commandline instead of hardcoding it
Peter Palfrader [Wed, 27 May 2009 19:02:06 +0000 (21:02 +0200)]
Also try with set -u
Peter Palfrader [Wed, 27 May 2009 19:01:49 +0000 (21:01 +0200)]
Explicitly set -e instead of getting it from the shebang
Peter Palfrader [Wed, 27 May 2009 19:01:19 +0000 (21:01 +0200)]
Add recvconf from weaselutils r8
Peter Palfrader [Wed, 27 May 2009 18:59:57 +0000 (20:59 +0200)]
Allow geodnssync to reload bind9
Stephen Gran [Wed, 27 May 2009 18:22:26 +0000 (19:22 +0100)]
And fix the typo. Picky bind parser
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Wed, 27 May 2009 18:19:51 +0000 (19:19 +0100)]
A slightly better solution
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Wed, 27 May 2009 17:59:44 +0000 (18:59 +0100)]
Add acl for nagios so it doesn't complain constantly. We can come up
with something nicer later.
Signed-off-by: Stephen Gran <steve@lobefin.net>
Peter Palfrader [Tue, 26 May 2009 21:27:56 +0000 (23:27 +0200)]
mv templates/default-index.html modules/apache2/templates/
Peter Palfrader [Tue, 26 May 2009 21:23:57 +0000 (23:23 +0200)]
try with a shorter hostname
Peter Palfrader [Tue, 26 May 2009 21:21:58 +0000 (23:21 +0200)]
fix a html bug
Peter Palfrader [Tue, 26 May 2009 21:16:21 +0000 (23:16 +0200)]
I wonder if this works - try to modify the default apache index for one specific host
Peter Palfrader [Tue, 26 May 2009 18:42:35 +0000 (20:42 +0200)]
Maybe this fixes stuff
Peter Palfrader [Tue, 26 May 2009 18:31:17 +0000 (20:31 +0200)]
Move buildd thing to nodeinfo infrastructure
Peter Palfrader [Tue, 26 May 2009 18:24:33 +0000 (20:24 +0200)]
Merge branch 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet
* 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet:
remove quotations
Peter Palfrader [Tue, 26 May 2009 18:24:31 +0000 (20:24 +0200)]
Try to refactor nodeinfo.rb - Hope this doesn't break too badly
Martin Zobel-Helas [Tue, 26 May 2009 18:23:28 +0000 (20:23 +0200)]
Merge branch 'master' of git+ssh://zobel@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet
Martin Zobel-Helas [Tue, 26 May 2009 18:23:13 +0000 (20:23 +0200)]
remove quotations
Peter Palfrader [Tue, 26 May 2009 18:15:44 +0000 (20:15 +0200)]
Merge branch 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet
* 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet:
do not notify
remove quotations
those are ACLs, not views
fix typo
Peter Palfrader [Tue, 26 May 2009 18:15:31 +0000 (20:15 +0200)]
Allow the services array to contain hostlists in addition to single hostnames, and make the list of services dynamic
Peter Palfrader [Tue, 26 May 2009 18:12:24 +0000 (20:12 +0200)]
Something for weasel's vim
Martin Zobel-Helas [Tue, 26 May 2009 18:08:14 +0000 (20:08 +0200)]
do not notify
Martin Zobel-Helas [Tue, 26 May 2009 18:01:57 +0000 (20:01 +0200)]
remove quotations
Martin Zobel-Helas [Tue, 26 May 2009 17:56:12 +0000 (19:56 +0200)]
those are ACLs, not views
Martin Zobel-Helas [Tue, 26 May 2009 17:54:39 +0000 (19:54 +0200)]
fix typo
Martin Zobel-Helas [Tue, 26 May 2009 17:51:22 +0000 (19:51 +0200)]
Merge branch 'master' of git+ssh://zobel@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet
Martin Zobel-Helas [Tue, 26 May 2009 17:51:03 +0000 (19:51 +0200)]
add missing ;
Peter Palfrader [Tue, 26 May 2009 17:46:21 +0000 (19:46 +0200)]
We really want logrotated installed with apache
Peter Palfrader [Tue, 26 May 2009 17:45:40 +0000 (19:45 +0200)]
Merge branch 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet
* 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet:
add missing include
Peter Palfrader [Tue, 26 May 2009 17:45:32 +0000 (19:45 +0200)]
saens gets apache default config
Peter Palfrader [Tue, 26 May 2009 17:45:07 +0000 (19:45 +0200)]
move info on whether to install apache2 default config from manifest to nodeinfo/local.yaml
Martin Zobel-Helas [Tue, 26 May 2009 17:43:58 +0000 (19:43 +0200)]
add missing include
Martin Zobel-Helas [Tue, 26 May 2009 17:41:03 +0000 (19:41 +0200)]
new geoip dns setup
Peter Palfrader [Tue, 26 May 2009 16:14:46 +0000 (18:14 +0200)]
Remove pointer to lists.debian.org/debian-devel-announce/2003/debian-devel-announce-200312/msg00001.html from motds
Peter Palfrader [Tue, 26 May 2009 16:14:27 +0000 (18:14 +0200)]
Add duarte to local.yaml
Martin Zobel-Helas [Mon, 25 May 2009 19:22:47 +0000 (21:22 +0200)]
remove geoip from puppet for now
Peter Palfrader [Mon, 25 May 2009 17:18:29 +0000 (19:18 +0200)]
ignore two powerdns related things in samhain
Martin Zobel-Helas [Mon, 25 May 2009 15:06:17 +0000 (17:06 +0200)]
Merge branch 'master' of git+ssh://zobel@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet
Martin Zobel-Helas [Mon, 25 May 2009 15:05:46 +0000 (17:05 +0200)]
update ip allocations
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Peter Palfrader [Mon, 25 May 2009 12:49:28 +0000 (14:49 +0200)]
Samhain ignore /etc/default/postgrey
Stephen Gran [Mon, 25 May 2009 11:08:45 +0000 (12:08 +0100)]
obligatory puppet headers
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Mon, 25 May 2009 10:58:46 +0000 (11:58 +0100)]
Add minimal clamav and postgrey classes to the exim::mx class
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sun, 24 May 2009 12:10:44 +0000 (13:10 +0100)]
Add packagesqamaster to the list that nodeinfo will return
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sun, 24 May 2009 10:25:42 +0000 (11:25 +0100)]
Merge branch 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet
Stephen Gran [Sun, 24 May 2009 10:25:26 +0000 (11:25 +0100)]
packages.qa is on master
Signed-off-by: Stephen Gran <steve@lobefin.net>
Martin Zobel-Helas [Sun, 24 May 2009 10:03:31 +0000 (12:03 +0200)]
Merge branch 'master' of git+ssh://zobel@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet
Luca Filipozzi [Sat, 23 May 2009 14:48:21 +0000 (07:48 -0700)]
gah. typo.
Luca Filipozzi [Sat, 23 May 2009 14:46:00 +0000 (07:46 -0700)]
use \N in preference to escaping escapes
Luca Filipozzi [Sat, 23 May 2009 14:39:34 +0000 (07:39 -0700)]
more escaping required
Stephen Gran [Sat, 23 May 2009 14:20:34 +0000 (15:20 +0100)]
ahem. Use the right key
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sat, 23 May 2009 14:17:07 +0000 (15:17 +0100)]
samhain ignore the new files for the surbl stuff
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sat, 23 May 2009 13:45:02 +0000 (14:45 +0100)]
Use new function. This lets us keep the list of 'heavy-exim' hosts in
just one place.
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sat, 23 May 2009 13:38:15 +0000 (14:38 +0100)]
Add ability to extract keys from nodeinfo
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sat, 23 May 2009 11:37:25 +0000 (12:37 +0100)]
And add explicit accept at end of mime acl
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sat, 23 May 2009 11:36:57 +0000 (12:36 +0100)]
Revert "Revert "And another acl for exim"+1"
This reverts commit
4cb5fb5099d0c7177bce071920cecea8dcdda873.
Peter Palfrader [Sat, 23 May 2009 10:49:36 +0000 (12:49 +0200)]
Revert "And another acl for exim"+1
This reverts commits
3feb4c20b11b567a034e2ba06e45c066f380a4b9 and
b8fa816fa0c7ec2dc5d626b16ec4ef5f2afe1b6d.
These break some of our mail for now.
Stephen Gran [Sat, 23 May 2009 01:43:45 +0000 (02:43 +0100)]
Let people know why their mail is being rejected with the new check
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sat, 23 May 2009 01:30:45 +0000 (02:30 +0100)]
Comment out the rbl.debian.net stuff while it's timing out all the time
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sat, 23 May 2009 00:16:04 +0000 (01:16 +0100)]
Add the check to a few more hosts
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sat, 23 May 2009 00:13:41 +0000 (01:13 +0100)]
This works better, even though it's a little more tedious
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sat, 23 May 2009 00:08:51 +0000 (01:08 +0100)]
And another acl for exim
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Fri, 22 May 2009 23:59:16 +0000 (00:59 +0100)]
And more syntax thing
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Fri, 22 May 2009 23:57:56 +0000 (00:57 +0100)]
And restart exim if the perl script changes
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Fri, 22 May 2009 23:55:20 +0000 (00:55 +0100)]
New class
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Fri, 22 May 2009 23:33:38 +0000 (00:33 +0100)]
Some syntax things
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Fri, 22 May 2009 23:25:55 +0000 (00:25 +0100)]
Let's try a nice SURBL lookup for the PTS mail
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Thu, 21 May 2009 23:37:47 +0000 (00:37 +0100)]
Remove some logic from machines that don't need it
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Thu, 21 May 2009 22:02:54 +0000 (23:02 +0100)]
Merge branch 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet
Stephen Gran [Thu, 21 May 2009 22:02:27 +0000 (23:02 +0100)]
Make clients only use tls with smarthost
Signed-off-by: Stephen Gran <steve@lobefin.net>
Peter Palfrader [Thu, 21 May 2009 10:21:14 +0000 (12:21 +0200)]
break logging for cord
Peter Palfrader [Thu, 21 May 2009 09:30:09 +0000 (11:30 +0200)]
delaycompress for mail.log
Peter Palfrader [Wed, 20 May 2009 09:21:05 +0000 (11:21 +0200)]
Push apache defaults to piatti
Peter Palfrader [Mon, 18 May 2009 07:00:08 +0000 (09:00 +0200)]
Ignore syslog-ng config in samhain
Peter Palfrader [Mon, 18 May 2009 06:58:51 +0000 (08:58 +0200)]
Move some entries around (staying in the same section) so that the comment is right again
Peter Palfrader [Mon, 18 May 2009 06:57:28 +0000 (08:57 +0200)]
And push out syslog-ng.conf and logrotate.d/syslog-ng
Peter Palfrader [Mon, 18 May 2009 06:54:38 +0000 (08:54 +0200)]
user.log a+r
Peter Palfrader [Mon, 18 May 2009 06:52:28 +0000 (08:52 +0200)]
mail.log is gid maillog
Peter Palfrader [Mon, 18 May 2009 06:43:21 +0000 (08:43 +0200)]
Rotate mail daily, keep 30, and use date extension
Peter Palfrader [Mon, 18 May 2009 06:41:41 +0000 (08:41 +0200)]
Add default /etc/syslog-ng/syslog-ng.conf and /etc/logrotate.d/syslog-ng
Stephen Gran [Sun, 17 May 2009 23:20:40 +0000 (00:20 +0100)]
whee. Let's change all the syslogging without watching
Signed-off-by: Stephen Gran <steve@lobefin.net>
Peter Palfrader [Sat, 16 May 2009 12:45:30 +0000 (14:45 +0200)]
Merge branch 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet
* 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet:
And use the right variable name
Put the puppet block in [IgnoreAll] on handel
get rid of old flat files
Get rid of duplicate line
Use the right variable
Need to include samhain after we get nodeinfo
let's try to actually use the case syntax that ruby uses
Fixup
Push out new template
Actually get the output of the block
First pass at a samhain template
Peter Palfrader [Sat, 16 May 2009 12:45:22 +0000 (14:45 +0200)]
Ignore amavisd-new on liszt
Stephen Gran [Sat, 16 May 2009 09:49:28 +0000 (10:49 +0100)]
And use the right variable name
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sat, 16 May 2009 09:48:36 +0000 (10:48 +0100)]
Put the puppet block in [IgnoreAll] on handel
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sat, 16 May 2009 09:40:13 +0000 (10:40 +0100)]
get rid of old flat files
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sat, 16 May 2009 09:34:57 +0000 (10:34 +0100)]
Get rid of duplicate line
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sat, 16 May 2009 09:30:17 +0000 (10:30 +0100)]
Use the right variable
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sat, 16 May 2009 09:27:23 +0000 (10:27 +0100)]
Need to include samhain after we get nodeinfo
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sat, 16 May 2009 09:26:40 +0000 (10:26 +0100)]
let's try to actually use the case syntax that ruby uses
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sat, 16 May 2009 09:25:28 +0000 (10:25 +0100)]
Fixup
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sat, 16 May 2009 09:24:14 +0000 (10:24 +0100)]
Push out new template
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sat, 16 May 2009 09:21:41 +0000 (10:21 +0100)]
Actually get the output of the block
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sat, 16 May 2009 09:18:17 +0000 (10:18 +0100)]
First pass at a samhain template
Signed-off-by: Stephen Gran <steve@lobefin.net>
Peter Palfrader [Fri, 15 May 2009 14:35:03 +0000 (16:35 +0200)]
Make liszt use the common sudoers file
Peter Palfrader [Fri, 15 May 2009 13:53:45 +0000 (15:53 +0200)]
prepare a named-security module that handles the config that is currently in dsa-misc.
Peter Palfrader [Thu, 14 May 2009 06:51:48 +0000 (08:51 +0200)]
push our standard apache stuff to duarte
Peter Palfrader [Tue, 12 May 2009 15:41:39 +0000 (17:41 +0200)]
syntax fix
Peter Palfrader [Tue, 12 May 2009 15:39:53 +0000 (17:39 +0200)]
run apt-get update after modifying sources lists
Peter Palfrader [Tue, 12 May 2009 15:36:07 +0000 (17:36 +0200)]
paer to buildd group
projects / mirror / dsa-puppet.git / log