Stephen Gran [Wed, 21 Jul 2010 21:12:24 +0000 (22:12 +0100)]
lebrun gets restricted carnet/kibi only rules
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Wed, 21 Jul 2010 20:47:47 +0000 (21:47 +0100)]
kibi can get to schroeder
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Wed, 14 Jul 2010 01:07:11 +0000 (02:07 +0100)]
ah, I want the regex form
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Wed, 14 Jul 2010 01:05:30 +0000 (02:05 +0100)]
update cilea freeswitch ignore
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Wed, 14 Jul 2010 01:01:29 +0000 (02:01 +0100)]
group debvoip can sudo to freeswitch on cilea
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Thu, 8 Jul 2010 20:39:44 +0000 (20:39 +0000)]
restrict ssh to handel
Signed-off-by: Stephen Gran <steve@lobefin.net>
Peter Palfrader [Sun, 4 Jul 2010 19:23:55 +0000 (21:23 +0200)]
and remove obsolete list from ries
Peter Palfrader [Sun, 4 Jul 2010 19:21:03 +0000 (21:21 +0200)]
Update ignore list for packages check on franck
Stephen Gran [Sun, 4 Jul 2010 12:44:11 +0000 (12:44 +0000)]
some more machine that we don't want to munin check
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sat, 3 Jul 2010 16:11:11 +0000 (16:11 +0000)]
I don't think that did what I meant
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sat, 3 Jul 2010 16:08:27 +0000 (16:08 +0000)]
franck gets extra arguments
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sat, 3 Jul 2010 15:41:22 +0000 (15:41 +0000)]
and one more try - franck has too many disks
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sat, 3 Jul 2010 15:37:09 +0000 (15:37 +0000)]
try to actually match what needs scanning
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sat, 3 Jul 2010 15:34:54 +0000 (15:34 +0000)]
franck has slot=1
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sat, 3 Jul 2010 15:00:45 +0000 (15:00 +0000)]
typo
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sat, 3 Jul 2010 14:58:42 +0000 (14:58 +0000)]
franck runs bind
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sat, 3 Jul 2010 14:01:52 +0000 (14:01 +0000)]
can haz root ssh key, please
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sat, 3 Jul 2010 13:12:24 +0000 (13:12 +0000)]
some more firewall rules for franck, redux
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sat, 3 Jul 2010 13:11:56 +0000 (13:11 +0000)]
some more firewall rules for franck
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sat, 3 Jul 2010 12:41:40 +0000 (12:41 +0000)]
franck has a different path than ries
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sat, 3 Jul 2010 12:13:17 +0000 (12:13 +0000)]
some more ries -> franck work
Signed-off-by: Stephen Gran <steve@lobefin.net>
Peter Palfrader [Sun, 27 Jun 2010 14:35:00 +0000 (16:35 +0200)]
Merge branch 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet
* 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet:
s/ries/FTPHOSTS/
Peter Palfrader [Sun, 27 Jun 2010 14:34:35 +0000 (16:34 +0200)]
Stop service security.geo.debian.org - it is broken
Stephen Gran [Sun, 27 Jun 2010 08:55:37 +0000 (08:55 +0000)]
s/ries/FTPHOSTS/
Signed-off-by: Stephen Gran <steve@lobefin.net>
Peter Palfrader [Sat, 26 Jun 2010 19:12:25 +0000 (21:12 +0200)]
Run geodns sync at boot so we have the latest zonefiles
Peter Palfrader [Sat, 26 Jun 2010 19:09:39 +0000 (21:09 +0200)]
puppet comment to bind/geo/trigger script
Peter Palfrader [Sat, 26 Jun 2010 09:27:07 +0000 (11:27 +0200)]
set -e in trigger script
Peter Palfrader [Sat, 26 Jun 2010 08:56:26 +0000 (10:56 +0200)]
move geozones to new location
Peter Palfrader [Sat, 26 Jun 2010 08:46:59 +0000 (10:46 +0200)]
Switch geo configuration distribution from push to trigger/pull
Peter Palfrader [Sat, 26 Jun 2010 08:37:17 +0000 (10:37 +0200)]
Create /etc/bind/geodns/zonefiles on geo nameservers
Peter Palfrader [Fri, 25 Jun 2010 22:20:37 +0000 (00:20 +0200)]
erm, the other way around
Peter Palfrader [Fri, 25 Jun 2010 21:34:59 +0000 (23:34 +0200)]
Remove draghi from nagiosmaster, create a extranrpeclient thing
Peter Palfrader [Fri, 25 Jun 2010 21:22:07 +0000 (23:22 +0200)]
update sudoers on draghi for dns stuff
Peter Palfrader [Fri, 25 Jun 2010 20:58:42 +0000 (22:58 +0200)]
Do dnssec on geo*
Peter Palfrader [Fri, 25 Jun 2010 20:58:04 +0000 (22:58 +0200)]
remove kassia from apache2_security_mirror
Martin Zobel-Helas [Mon, 21 Jun 2010 17:16:37 +0000 (19:16 +0200)]
fix typo
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Mon, 21 Jun 2010 17:15:33 +0000 (19:15 +0200)]
adjust, so puppet likes zobel again
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Peter Palfrader [Mon, 21 Jun 2010 16:56:48 +0000 (18:56 +0200)]
Merge branch 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet
* 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet:
kaufmann offers rsync
fix typo in desc
add hkp for kaufmann
add kaufmann
Peter Palfrader [Mon, 21 Jun 2010 16:56:41 +0000 (18:56 +0200)]
disabling monit by moving S99 to K99monit with samhain really sucks since Debian reorders them every time, so puppet puts it back and samhain complains. Disable monit startup via etc/default/monit
Martin Zobel-Helas [Mon, 21 Jun 2010 13:00:02 +0000 (15:00 +0200)]
kaufmann offers rsync
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Mon, 21 Jun 2010 12:47:51 +0000 (14:47 +0200)]
fix typo in desc
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Mon, 21 Jun 2010 12:45:30 +0000 (14:45 +0200)]
add hkp for kaufmann
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Mon, 21 Jun 2010 12:33:01 +0000 (14:33 +0200)]
add kaufmann
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Peter Palfrader [Mon, 21 Jun 2010 11:46:54 +0000 (13:46 +0200)]
Make dirperm 0755 so that nagios can see things
Peter Palfrader [Mon, 21 Jun 2010 11:15:27 +0000 (13:15 +0200)]
And introduce a mail-all.log
Peter Palfrader [Mon, 21 Jun 2010 11:14:05 +0000 (13:14 +0200)]
Do not log mail to syslog
Peter Palfrader [Sun, 20 Jun 2010 20:08:57 +0000 (22:08 +0200)]
fix typo
Peter Palfrader [Sun, 20 Jun 2010 20:06:04 +0000 (22:06 +0200)]
Get rid of a lot of small #ifdefs and instead provide the loghost-applicable block in one huge thing at the end
Stephen Gran [Sun, 20 Jun 2010 10:15:59 +0000 (10:15 +0000)]
whitespace cleanup
Signed-off-by: Stephen Gran <steve@lobefin.net>
Martin Zobel-Helas [Sun, 20 Jun 2010 10:00:50 +0000 (12:00 +0200)]
increase max-connections drasticly
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Sun, 20 Jun 2010 09:21:14 +0000 (11:21 +0200)]
add missing semi-colon
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Sun, 20 Jun 2010 09:17:50 +0000 (11:17 +0200)]
tcp6 won't work. i need to find a better way to fix it.
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Sun, 20 Jun 2010 09:16:01 +0000 (11:16 +0200)]
Merge branch 'master' of git+ssh://puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet
Martin Zobel-Helas [Sun, 20 Jun 2010 09:14:13 +0000 (11:14 +0200)]
remote sysloging config for the clients, fix typo and keep hostnames
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Stephen Gran [Sun, 20 Jun 2010 07:21:18 +0000 (07:21 +0000)]
move ssl/debian into IgnoreAll
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sun, 20 Jun 2010 07:12:30 +0000 (07:12 +0000)]
Revert "force a restart, rather than reload, of syslog-ng"
This reverts commit
9805eb7834e0280332b5f41ca01a24a9c495f670.
Stephen Gran [Sat, 19 Jun 2010 22:45:47 +0000 (22:45 +0000)]
force a restart, rather than reload, of syslog-ng
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sat, 19 Jun 2010 22:22:46 +0000 (22:22 +0000)]
and ignore it again
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sat, 19 Jun 2010 22:19:31 +0000 (22:19 +0000)]
no, we don't want to purge the certs directory
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sat, 19 Jun 2010 22:18:32 +0000 (22:18 +0000)]
samhain ignore new dirs
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sat, 19 Jun 2010 22:13:59 +0000 (22:13 +0000)]
and pull the right cert name
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sat, 19 Jun 2010 22:11:54 +0000 (22:11 +0000)]
the inevitable syntax error
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sat, 19 Jun 2010 22:10:59 +0000 (22:10 +0000)]
everybody gets ssl
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sat, 19 Jun 2010 22:09:21 +0000 (22:09 +0000)]
s/exim/ssl/
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sat, 19 Jun 2010 22:07:06 +0000 (22:07 +0000)]
gitignore files for ssl module
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sat, 19 Jun 2010 22:06:18 +0000 (22:06 +0000)]
add ssl module for clientcerts
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sat, 19 Jun 2010 18:48:09 +0000 (18:48 +0000)]
probably I should move the end to the right place
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sat, 19 Jun 2010 15:37:45 +0000 (15:37 +0000)]
bad syntax
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sat, 19 Jun 2010 15:32:59 +0000 (15:32 +0000)]
bad syntax
Signed-off-by: Stephen Gran <steve@lobefin.net>
Martin Zobel-Helas [Sat, 19 Jun 2010 14:53:23 +0000 (16:53 +0200)]
prepare remote sysloging, server side patches
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Sat, 19 Jun 2010 13:08:05 +0000 (15:08 +0200)]
zobel wants to know which version of syslogng we run
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Sat, 19 Jun 2010 07:28:45 +0000 (09:28 +0200)]
add kokkonen
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Sat, 19 Jun 2010 07:08:32 +0000 (09:08 +0200)]
add nielsen
Martin Zobel-Helas [Sat, 19 Jun 2010 07:04:33 +0000 (09:04 +0200)]
Merge branch 'master' of git+ssh://puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet
Martin Zobel-Helas [Sat, 19 Jun 2010 07:04:17 +0000 (09:04 +0200)]
add nielsen
Stephen Gran [Fri, 18 Jun 2010 18:02:07 +0000 (18:02 +0000)]
slightly better name for the rule
Signed-off-by: Stephen Gran <steve@lobefin.net>
Martin Zobel-Helas [Fri, 18 Jun 2010 16:25:27 +0000 (18:25 +0200)]
add tcp port for remote syslog
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Wed, 16 Jun 2010 21:13:17 +0000 (23:13 +0200)]
add heininen
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Wed, 16 Jun 2010 20:28:12 +0000 (22:28 +0200)]
add heininen
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Wed, 16 Jun 2010 19:57:38 +0000 (21:57 +0200)]
add heininen
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Stephen Gran [Mon, 7 Jun 2010 11:00:12 +0000 (11:00 +0000)]
port 2 is wiggum.debconf.org
Signed-off-by: Stephen Gran <steve@lobefin.net>
Peter Palfrader [Sun, 6 Jun 2010 11:01:59 +0000 (13:01 +0200)]
Merge branch 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet
* 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet:
up the visible message body length
get rid of printf debugging
Peter Palfrader [Sun, 6 Jun 2010 11:01:55 +0000 (13:01 +0200)]
sudoers: nagios does not get to run dsa-check-backuppg with arbitrary command line arguments
Stephen Gran [Fri, 4 Jun 2010 09:57:58 +0000 (09:57 +0000)]
up the visible message body length
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Fri, 4 Jun 2010 09:37:05 +0000 (09:37 +0000)]
get rid of printf debugging
Signed-off-by: Stephen Gran <steve@lobefin.net>
Peter Palfrader [Sat, 29 May 2010 09:49:29 +0000 (11:49 +0200)]
ferm: always allow proto 41
Stephen Gran [Wed, 26 May 2010 07:20:34 +0000 (07:20 +0000)]
ries has new apt
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sun, 23 May 2010 13:16:01 +0000 (13:16 +0000)]
Merge branch 'master' of /srv/puppet.debian.org/git/dsa-puppet
Stephen Gran [Sun, 23 May 2010 13:15:58 +0000 (13:15 +0000)]
sgran has two v6 ranges
Signed-off-by: Stephen Gran <steve@lobefin.net>
Peter Palfrader [Sun, 23 May 2010 12:52:54 +0000 (14:52 +0200)]
Merge branch 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet
* 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet: (21 commits)
Revert "pettersson has bpo acpid"
Revert "pettersson has bpo acpid"
pettersson has bpo acpid
mayer has new kernel and linux-base now
new-ftp-master starts with a firewall
Add franck.debian.org
update authorized_keys
and an rsync rule
BT seeding should be on v6 as well
a few powell specific rules
powell gets ferm
add limit_bing rule
paer now has linux-base
all hosts have root: debian-admin@d.o in /etc/aliases, we don't need it here
add %porter-mips
quote link target
add kill link
and enable monit from inittab: what could go wrong?
define init q command
spurious whitespace change
...
Peter Palfrader [Sun, 23 May 2010 12:52:47 +0000 (14:52 +0200)]
Allow nagios to run usr/lib/nagios/plugins/dsa-check-backuppg as debbackup on beethoven
Peter Palfrader [Sun, 23 May 2010 12:26:10 +0000 (14:26 +0200)]
Merge branch 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet
* 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet:
Revert "pettersson has bpo acpid"
Stephen Gran [Sun, 23 May 2010 12:25:52 +0000 (12:25 +0000)]
Revert "pettersson has bpo acpid"
This reverts commit
126b027b47e52baec71d7ad3d3335f441b046b8b.
Peter Palfrader [Sun, 23 May 2010 12:25:37 +0000 (14:25 +0200)]
Revert "pettersson has bpo acpid"
This reverts commit
126b027b47e52baec71d7ad3d3335f441b046b8b.
no need to ignore acpid on pettersson since it comes in via bpo
and as long as one sources.list entry lists the package all is fine.
Stephen Gran [Sun, 23 May 2010 11:49:14 +0000 (11:49 +0000)]
pettersson has bpo acpid
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sat, 22 May 2010 09:21:57 +0000 (09:21 +0000)]
mayer has new kernel and linux-base now
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Mon, 17 May 2010 23:31:25 +0000 (23:31 +0000)]
new-ftp-master starts with a firewall
Signed-off-by: Stephen Gran <steve@lobefin.net>
Martin Zobel-Helas [Mon, 17 May 2010 18:51:43 +0000 (20:51 +0200)]
Add franck.debian.org
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Sun, 16 May 2010 16:20:32 +0000 (18:20 +0200)]
Merge branch 'master' of git+ssh://puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet
Martin Zobel-Helas [Sun, 16 May 2010 16:20:04 +0000 (18:20 +0200)]
update authorized_keys
projects / mirror / dsa-puppet.git / log