projects / mirror / dsa-puppet.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 1139989)
Remove TLSA record for remaining gandi certificates
authorJulien Cristau <jcristau@debian.org>
Sat, 31 Dec 2016 17:46:17 +0000 (18:46 +0100)
committerJulien Cristau <jcristau@debian.org>
Sat, 31 Dec 2016 17:46:17 +0000 (18:46 +0100)
modules/roles/manifests/dbmaster.pp patch | blob | history
modules/roles/manifests/init.pp patch | blob | history
modules/roles/manifests/rtc.pp patch | blob | history
modules/roles/manifests/static_mirror.pp patch | blob | history

diff --git a/modules/roles/manifests/dbmaster.pp b/modules/roles/manifests/dbmaster.pp
index 56b7433..c45a138 100644 (file)
--- a/modules/roles/manifests/dbmaster.pp
+++ b/modules/roles/manifests/dbmaster.pp
@@ -14,6 +14,7 @@ class roles::dbmaster {
 
        ssl::service { 'db.debian.org':
                notify  => Exec['service apache2 reload'],
+               tlsaport => [],
        }
 
        roles::pubsub::config { 'generate':
diff --git a/modules/roles/manifests/init.pp b/modules/roles/manifests/init.pp
index aa8c2a0..d252797 100644 (file)
--- a/modules/roles/manifests/init.pp
+++ b/modules/roles/manifests/init.pp
@@ -45,6 +45,7 @@ class roles {
        if has_role('bugs_base') {
                ssl::service { 'bugs.debian.org':
                        notify  => Exec['service apache2 reload'],
+                       tlsaport => [],
                }
        }
        if has_role('bugs_master') {
diff --git a/modules/roles/manifests/rtc.pp b/modules/roles/manifests/rtc.pp
index 0888833..888b113 100644 (file)
--- a/modules/roles/manifests/rtc.pp
+++ b/modules/roles/manifests/rtc.pp
@@ -6,6 +6,7 @@ class roles::rtc {
        }
 
        ssl::service { 'sip-ws.debian.org':
+               tlsaport => [],
        }
 
        dnsextras::tlsa_record{ 'tlsa-xmpp':
diff --git a/modules/roles/manifests/static_mirror.pp b/modules/roles/manifests/static_mirror.pp
index 1e96951..de46c65 100644 (file)
--- a/modules/roles/manifests/static_mirror.pp
+++ b/modules/roles/manifests/static_mirror.pp
@@ -81,7 +81,7 @@ class roles::static_mirror {
                content => template('roles/apache-www.debian.org.erb'),
        }
 
-       ssl::service { 'www.debian.org'      : ensure => "ifstatic", notify  => Exec['service apache2 reload'], }
+       ssl::service { 'www.debian.org'      : ensure => "ifstatic", notify  => Exec['service apache2 reload'], tlsaport => [], }
 
        # do
        ssl::service { 'appstream.debian.org'          : ensure => "ifstatic", notify  => Exec['service apache2 reload'], key => true, }
Unnamed repository; edit this file 'description' to name the repository.