Peter Palfrader [Thu, 2 Jan 2014 17:57:26 +0000 (18:57 +0100)]
Make denis an extra nrpe client
Tollef Fog Heen [Thu, 2 Jan 2014 17:56:07 +0000 (18:56 +0100)]
More workarounds
Tollef Fog Heen [Thu, 2 Jan 2014 17:53:57 +0000 (18:53 +0100)]
err, not error. Maybe
Tollef Fog Heen [Thu, 2 Jan 2014 17:49:34 +0000 (18:49 +0100)]
More workarounds
Tollef Fog Heen [Thu, 2 Jan 2014 17:47:12 +0000 (18:47 +0100)]
Add workaround for buildd not being a real role yet
Tollef Fog Heen [Thu, 2 Jan 2014 17:44:31 +0000 (18:44 +0100)]
Log error rather than exploding unhelpfully
Tollef Fog Heen [Thu, 2 Jan 2014 17:39:15 +0000 (18:39 +0100)]
Ruby is not python
Tollef Fog Heen [Thu, 2 Jan 2014 17:22:58 +0000 (18:22 +0100)]
Simply exim config slightly by checking for roles in manifest
Tollef Fog Heen [Wed, 1 Jan 2014 15:12:14 +0000 (16:12 +0100)]
Move all roles from local.yaml to hiera
Hopefully this won't break anything.
Peter Palfrader [Wed, 1 Jan 2014 21:58:40 +0000 (22:58 +0100)]
And put the ssl cert out
Peter Palfrader [Wed, 1 Jan 2014 21:55:40 +0000 (22:55 +0100)]
Try new www vhost config
Peter Palfrader [Wed, 1 Jan 2014 21:53:42 +0000 (22:53 +0100)]
Move volatile vhost from www to static
Peter Palfrader [Wed, 1 Jan 2014 21:08:45 +0000 (21:08 +0000)]
Checking for classes in templates is not reliable
Peter Palfrader [Wed, 1 Jan 2014 21:00:23 +0000 (22:00 +0100)]
no RRL on the primary
Peter Palfrader [Wed, 1 Jan 2014 20:58:49 +0000 (21:58 +0100)]
maybe these firewall rules are better
Peter Palfrader [Wed, 1 Jan 2014 20:45:52 +0000 (21:45 +0100)]
remove another hardcoding of hostnames
Peter Palfrader [Wed, 1 Jan 2014 20:43:12 +0000 (20:43 +0000)]
syntax fix
Peter Palfrader [Wed, 1 Jan 2014 20:41:15 +0000 (21:41 +0100)]
try to rolify dns
Peter Palfrader [Wed, 1 Jan 2014 20:29:32 +0000 (21:29 +0100)]
master is now denis
Peter Palfrader [Wed, 1 Jan 2014 20:29:26 +0000 (21:29 +0100)]
new way to update zones
Peter Palfrader [Wed, 1 Jan 2014 19:56:42 +0000 (20:56 +0100)]
put release cert onto franck - we have no release service yet
Peter Palfrader [Wed, 1 Jan 2014 19:55:08 +0000 (20:55 +0100)]
put nagios cert onto nagios host by role
Martin Zobel-Helas [Wed, 1 Jan 2014 19:51:18 +0000 (20:51 +0100)]
add nagios.debian.org
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Wed, 1 Jan 2014 19:45:12 +0000 (20:45 +0100)]
add nagios.debian.org and release.debian.org
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Wed, 1 Jan 2014 19:41:26 +0000 (20:41 +0100)]
add ftp-master.debian.org
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Peter Palfrader [Wed, 1 Jan 2014 17:52:32 +0000 (18:52 +0100)]
remove zappa
Peter Palfrader [Wed, 1 Jan 2014 17:52:06 +0000 (18:52 +0100)]
Use submission for mail to zani
Peter Palfrader [Wed, 1 Jan 2014 16:20:25 +0000 (17:20 +0100)]
Add vhost_listen_443
Peter Palfrader [Wed, 1 Jan 2014 16:14:56 +0000 (17:14 +0100)]
Try to enable ssl for dsa.d.o
Peter Palfrader [Wed, 1 Jan 2014 16:07:06 +0000 (17:07 +0100)]
dsa.d.o cert on static mirrors
Peter Palfrader [Wed, 1 Jan 2014 15:55:38 +0000 (16:55 +0100)]
Move dsa.d.o to static
Peter Palfrader [Wed, 1 Jan 2014 15:55:06 +0000 (16:55 +0100)]
Move dsa.d.o to static
Peter Palfrader [Wed, 1 Jan 2014 15:26:07 +0000 (16:26 +0100)]
deploy db.d.o cert
Martin Zobel-Helas [Wed, 1 Jan 2014 15:03:58 +0000 (16:03 +0100)]
add munin.debian.org
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Wed, 1 Jan 2014 15:02:28 +0000 (16:02 +0100)]
add dsa.debian.org
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Wed, 1 Jan 2014 15:00:11 +0000 (16:00 +0100)]
add db.debian.oradd db.debian.orgg
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Tollef Fog Heen [Wed, 1 Jan 2014 14:51:11 +0000 (15:51 +0100)]
Use fqdn, not hostname
Tollef Fog Heen [Wed, 1 Jan 2014 14:48:31 +0000 (15:48 +0100)]
Hiera does not know how to look up anything but top-level values
Tollef Fog Heen [Wed, 1 Jan 2014 14:27:33 +0000 (15:27 +0100)]
Start moving bits from local.yaml to hiera
Martin Zobel-Helas [Wed, 1 Jan 2014 11:53:54 +0000 (12:53 +0100)]
do not do backups of /var/log/apache2/
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Peter Palfrader [Wed, 1 Jan 2014 11:01:20 +0000 (12:01 +0100)]
only set sts header if mod headers is loaded
Peter Palfrader [Wed, 1 Jan 2014 10:59:35 +0000 (11:59 +0100)]
enable mod headers everywhere
Peter Palfrader [Wed, 1 Jan 2014 10:54:40 +0000 (11:54 +0100)]
Add SSL related apache macros
Peter Palfrader [Wed, 1 Jan 2014 10:46:08 +0000 (11:46 +0100)]
Remove sites-available/common-ssl.inc
Peter Palfrader [Wed, 1 Jan 2014 10:44:10 +0000 (11:44 +0100)]
install mod-macro everywhere
Peter Palfrader [Wed, 1 Jan 2014 10:23:45 +0000 (10:23 +0000)]
Tell bad apt where to find its certificate
Martin Zobel-Helas [Wed, 1 Jan 2014 10:02:32 +0000 (11:02 +0100)]
add more servicecerts
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Tue, 31 Dec 2013 22:27:25 +0000 (23:27 +0100)]
add sso.debian.org
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Tue, 31 Dec 2013 21:59:17 +0000 (22:59 +0100)]
add rt.debian.org
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Stephen Gran [Tue, 31 Dec 2013 16:32:50 +0000 (16:32 +0000)]
make cron be quiet
Signed-off-by: Stephen Gran <steve@lobefin.net>
Martin Zobel-Helas [Tue, 31 Dec 2013 15:18:43 +0000 (16:18 +0100)]
add nm.debian.org and contributors.debian.org
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Tue, 31 Dec 2013 15:09:50 +0000 (16:09 +0100)]
try this
Martin Zobel-Helas [Tue, 31 Dec 2013 15:07:13 +0000 (16:07 +0100)]
add buildd.debian.org
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Tue, 31 Dec 2013 14:53:00 +0000 (15:53 +0100)]
add security-tracker.debian.org
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Tue, 31 Dec 2013 14:44:08 +0000 (15:44 +0100)]
add symlink
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Tue, 31 Dec 2013 14:43:37 +0000 (15:43 +0100)]
remove symlink
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Tue, 31 Dec 2013 14:33:32 +0000 (15:33 +0100)]
add buildd.debian.org
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Stephen Gran [Tue, 31 Dec 2013 09:14:16 +0000 (09:14 +0000)]
class documentation
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Tue, 31 Dec 2013 09:12:30 +0000 (09:12 +0000)]
we do not want that check
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Tue, 31 Dec 2013 09:10:52 +0000 (09:10 +0000)]
relax permissions for mxes
Signed-off-by: Stephen Gran <steve@lobefin.net>
Martin Zobel-Helas [Tue, 31 Dec 2013 07:58:33 +0000 (08:58 +0100)]
add new cert for udd.debian.org
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Peter Palfrader [Mon, 30 Dec 2013 22:56:00 +0000 (23:56 +0100)]
do not run an authority on draghi
Peter Palfrader [Mon, 30 Dec 2013 22:43:39 +0000 (23:43 +0100)]
adayevskaya can ssh into denis
Martin Zobel-Helas [Mon, 30 Dec 2013 22:40:25 +0000 (23:40 +0100)]
we also want text version in that file
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Mon, 30 Dec 2013 22:35:21 +0000 (23:35 +0100)]
add service lists.debian.org
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Mon, 30 Dec 2013 22:30:11 +0000 (23:30 +0100)]
add new cert for lists.debian.org
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Peter Palfrader [Mon, 30 Dec 2013 22:22:57 +0000 (23:22 +0100)]
denis is now the primary
Peter Palfrader [Mon, 30 Dec 2013 22:05:12 +0000 (22:05 +0000)]
Use different tsig alg
Peter Palfrader [Mon, 30 Dec 2013 21:58:43 +0000 (21:58 +0000)]
Notify bind9 on puppet-shared-keys update
Peter Palfrader [Mon, 30 Dec 2013 21:51:16 +0000 (22:51 +0100)]
include named.conf.puppet-shared-keys
Peter Palfrader [Mon, 30 Dec 2013 21:46:47 +0000 (21:46 +0000)]
fix named.conf.puppet-shared-keys
Peter Palfrader [Mon, 30 Dec 2013 21:34:43 +0000 (22:34 +0100)]
Try to create shared keys using puppet
Peter Palfrader [Mon, 30 Dec 2013 18:57:36 +0000 (19:57 +0100)]
Allow ssh to adayevskaya from all debian.org hosts
Peter Palfrader [Mon, 30 Dec 2013 18:55:15 +0000 (19:55 +0100)]
moar ssh authorized-keys files
Peter Palfrader [Sun, 29 Dec 2013 22:04:56 +0000 (23:04 +0100)]
Do not backup zani
Peter Palfrader [Sun, 29 Dec 2013 21:51:27 +0000 (22:51 +0100)]
Cut down retention periods significantly
Peter Palfrader [Sun, 29 Dec 2013 21:38:32 +0000 (22:38 +0100)]
Add zani dedication
Stephen Gran [Sun, 29 Dec 2013 18:46:34 +0000 (18:46 +0000)]
sigh, get the package right
Signed-off-by: Stephen Gran <steve@lobefin.net>
Stephen Gran [Sun, 29 Dec 2013 18:46:06 +0000 (18:46 +0000)]
Revert "Revert "stop backing up clamav files""
This reverts commit
e256acb16ebf1953ebe88eafab92e359adf4558b.
Peter Palfrader [Sun, 29 Dec 2013 13:00:02 +0000 (14:00 +0100)]
Revert "stop backing up clamav files"
This reverts commit
909ff35fedce7625aefef8dace9171bf5ed86060.
This breaks puppet
Peter Palfrader [Sun, 29 Dec 2013 09:35:11 +0000 (10:35 +0100)]
Do not always annoy people with more than 5mb
Stephen Gran [Sun, 29 Dec 2013 09:21:37 +0000 (09:21 +0000)]
stop backing up clamav files
Signed-off-by: Stephen Gran <steve@lobefin.net>
Martin Zobel-Helas [Sat, 28 Dec 2013 18:53:33 +0000 (19:53 +0100)]
there is no reload for jetty, just restart
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Sat, 28 Dec 2013 18:50:57 +0000 (19:50 +0100)]
allow list-gid to restart jetty
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Sat, 28 Dec 2013 18:01:33 +0000 (19:01 +0100)]
fix name and port
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Sat, 28 Dec 2013 17:53:34 +0000 (18:53 +0100)]
fix syntax
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Sat, 28 Dec 2013 17:51:04 +0000 (18:51 +0100)]
add ferm rule for solr access from bendel
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Sat, 28 Dec 2013 14:17:53 +0000 (15:17 +0100)]
add stockhausen
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Sat, 28 Dec 2013 13:39:35 +0000 (14:39 +0100)]
rebase
Peter Palfrader [Sat, 28 Dec 2013 13:32:50 +0000 (14:32 +0100)]
Add debian.es
Peter Palfrader [Sat, 28 Dec 2013 13:32:26 +0000 (14:32 +0100)]
Re-order debian.org ServerAliases
Peter Palfrader [Sat, 28 Dec 2013 11:16:59 +0000 (12:16 +0100)]
And the other mips buildds too
Peter Palfrader [Sat, 28 Dec 2013 11:10:41 +0000 (12:10 +0100)]
-proposed-updates on eysler
Enrico Zini [Thu, 26 Dec 2013 09:27:46 +0000 (10:27 +0100)]
Also protect contributors.debian.org login redirector
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Tollef Fog Heen [Thu, 26 Dec 2013 22:12:54 +0000 (23:12 +0100)]
Add python-dsa-mq for mailly and muffat
Peter Palfrader [Wed, 25 Dec 2013 12:12:09 +0000 (13:12 +0100)]
give debadmin access to the new dak-web user
Peter Palfrader [Thu, 19 Dec 2013 13:53:57 +0000 (14:53 +0100)]
Update package ignore list for denis
Peter Palfrader [Thu, 19 Dec 2013 09:19:29 +0000 (10:19 +0100)]
Add debian.us to mail
Peter Palfrader [Thu, 19 Dec 2013 09:19:08 +0000 (10:19 +0100)]
Add debian.gr to dns and mail and web
Stephen Gran [Thu, 19 Dec 2013 07:37:32 +0000 (07:37 +0000)]
allow udd to connect
Signed-off-by: Stephen Gran <steve@lobefin.net>
projects / mirror / dsa-puppet.git / log