include apache2
}
- if $::hostname in [ravel,senfl,orff,draghi,diamond,rietz,denis] {
+ if $::hostname in [ravel,senfl,orff,diamond,rietz,denis] {
include named::authoritative
} elsif $::hostname in [geo1,geo2,geo3] {
include named::geodns
}
}
draghi: {
- #@ferm::rule { 'dsa-bind':
- # domain => '(ip ip6)',
- # description => 'Allow nameserver access',
- # rule => '&TCP_UDP_SERVICE(53)'
- #}
@ferm::rule { 'dsa-finger':
domain => '(ip ip6)',
description => 'Allow finger access',
piupartss PIUPARTS_SLAVE_HOSTS=(ALL) NOPASSWD: ALL
# trigger of mirror run for packages
#pkg_user powell=(archvsync) NOPASSWD: /home/archvsync/bin/pushpdo
-# on draghi, the domains git thing will run bind9 reload afterwards
dnsadm denis=(root) NOPASSWD: /usr/sbin/service bind9 reload
-%dnsadm draghi,orff=(root) NOPASSWD: /etc/init.d/bind9 reload
-%dnsadm draghi,orff=(geodnssync) NOPASSWD: /usr/bin/make -C /srv/dns.debian.org/geo
+%dnsadm orff=(root) NOPASSWD: /etc/init.d/bind9 reload
+%dnsadm orff=(geodnssync) NOPASSWD: /usr/bin/make -C /srv/dns.debian.org/geo
%adm draghi=(puppet) NOPASSWD: /usr/bin/make -s -C /srv/db.debian.org/var/gitnagios/dsa-nagios/config install
# wbadm can update all buildd* users' keys on buildd.d.o
%wbadm BUILDD_MASTER=(wb-buildd) ALL
projects / mirror / dsa-puppet.git / commitdiff