Peter Palfrader [Tue, 28 Mar 2017 11:43:30 +0000 (13:43 +0200)]
make bacula storage and director roles
Peter Palfrader [Tue, 28 Mar 2017 11:24:13 +0000 (13:24 +0200)]
bacula db access from storace
Peter Palfrader [Tue, 28 Mar 2017 09:03:17 +0000 (11:03 +0200)]
fix accumu netrange, again
Peter Palfrader [Tue, 28 Mar 2017 09:01:22 +0000 (11:01 +0200)]
update accumu netrange
Peter Palfrader [Tue, 28 Mar 2017 09:00:30 +0000 (11:00 +0200)]
update accumu netrange
Peter Palfrader [Sun, 26 Mar 2017 11:47:55 +0000 (13:47 +0200)]
ignore /srv in samhain
Paul Wise [Sat, 25 Mar 2017 07:56:59 +0000 (15:56 +0800)]
Revert "Update configuration for SSL ca-debian cert store"
This reverts commit
f35f47969e10aeeaf6a48ad2a0f4dbde1f2f9de3.
Paul Wise [Sat, 25 Mar 2017 07:03:18 +0000 (15:03 +0800)]
Fix typo
Paul Wise [Sat, 25 Mar 2017 06:52:02 +0000 (14:52 +0800)]
Update configuration for SSL ca-debian cert store
Remove AddTrust as it isn't used any more.
Switch from the DST root CA to ISRG on jessie and newer
for Let's Encrypt since it has less intermediate CAs.
The ISRG root isn't available in wheezy ca-certificates.
Document why each CA cert is being used with comments.
Martin Zobel-Helas [Fri, 24 Mar 2017 13:14:13 +0000 (14:14 +0100)]
add mirror-accumu as anycast bgp host
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Peter Palfrader [Mon, 20 Mar 2017 17:42:28 +0000 (17:42 +0000)]
fix storage-per-client.conf template
Peter Palfrader [Mon, 20 Mar 2017 17:39:35 +0000 (17:39 +0000)]
fix per-client.conf template
Peter Palfrader [Mon, 20 Mar 2017 17:26:11 +0000 (17:26 +0000)]
fix munin.conf_per_node template
Peter Palfrader [Mon, 20 Mar 2017 16:03:33 +0000 (17:03 +0100)]
Use the dsa-check-libs from the dsa nagios checks package again
Peter Palfrader [Mon, 20 Mar 2017 15:57:59 +0000 (16:57 +0100)]
remove debian.restricted.list apt source on hosts without proliant raid
Peter Palfrader [Mon, 20 Mar 2017 15:39:12 +0000 (16:39 +0100)]
move munin.conf_per_node.erb to the right place
Julien Cristau [Mon, 20 Mar 2017 14:19:37 +0000 (15:19 +0100)]
Only ignore puppetdb.conf at the root
Peter Palfrader [Mon, 20 Mar 2017 14:17:09 +0000 (14:17 +0000)]
update .gitignore
Peter Palfrader [Mon, 20 Mar 2017 14:15:55 +0000 (14:15 +0000)]
add puppetdb.conf on puppetmaster
Peter Palfrader [Mon, 20 Mar 2017 14:15:29 +0000 (14:15 +0000)]
Do not hardcode "handel" in template - use puppetmaster role instead
Peter Palfrader [Mon, 20 Mar 2017 14:14:33 +0000 (14:14 +0000)]
use puppetdb backend for storeconfigs
Martin Zobel-Helas [Mon, 20 Mar 2017 13:37:05 +0000 (14:37 +0100)]
update puppet.conf.erb
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Peter Palfrader [Mon, 20 Mar 2017 09:25:49 +0000 (10:25 +0100)]
run puppet every 2 instead of every 4 hours
Peter Palfrader [Mon, 20 Mar 2017 09:11:23 +0000 (10:11 +0100)]
samhain ignore /etc/cron.d/puppet-nagios-wraps
Peter Palfrader [Mon, 20 Mar 2017 09:00:00 +0000 (10:00 +0100)]
Add nagios puppet check out of cron
Tollef Fog Heen [Sun, 19 Mar 2017 13:11:05 +0000 (14:11 +0100)]
Prefix variables with the right sigil
Tollef Fog Heen [Sun, 19 Mar 2017 13:09:34 +0000 (14:09 +0100)]
Use underscores rather than hyphens for class names
Aurelien Jarno [Sun, 19 Mar 2017 12:49:25 +0000 (13:49 +0100)]
Fix bconsole.conf template
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Martin Zobel-Helas [Sun, 19 Mar 2017 12:47:02 +0000 (13:47 +0100)]
Merge branch 'master' of git+ssh://puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet
* 'master' of git+ssh://puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet:
Fix bacula-dir.conf template
Drop dead bits in ftp_upload
Fix portforwarder inetd config for new puppet
Martin Zobel-Helas [Sun, 19 Mar 2017 12:46:35 +0000 (13:46 +0100)]
fix syntax in modules/named/templates/named.conf.puppet-shared-keys.erb
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Aurelien Jarno [Sun, 19 Mar 2017 12:44:46 +0000 (13:44 +0100)]
Fix bacula-dir.conf template
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Julien Cristau [Sun, 19 Mar 2017 11:57:59 +0000 (12:57 +0100)]
Drop dead bits in ftp_upload
$bind6 was undefined since commit
b0dd1aa9d67bc92d097c1ad23f42bbedd173b756.
Julien Cristau [Sun, 19 Mar 2017 11:43:56 +0000 (12:43 +0100)]
Fix portforwarder inetd config for new puppet
Martin Zobel-Helas [Sun, 19 Mar 2017 11:32:15 +0000 (12:32 +0100)]
Merge branch 'master' of git+ssh://puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet
* 'master' of git+ssh://puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet:
Fix ensure value for postgres
Update postgres fact
Use absolute includes, not relative ones
Martin Zobel-Helas [Sun, 19 Mar 2017 11:31:50 +0000 (12:31 +0100)]
lint name of function
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Julien Cristau [Sun, 19 Mar 2017 11:30:17 +0000 (12:30 +0100)]
Fix ensure value for postgres
Julien Cristau [Sun, 19 Mar 2017 11:28:13 +0000 (12:28 +0100)]
Update postgres fact
Tollef Fog Heen [Sun, 19 Mar 2017 10:57:06 +0000 (11:57 +0100)]
Use absolute includes, not relative ones
Tollef Fog Heen [Sun, 19 Mar 2017 10:43:35 +0000 (11:43 +0100)]
Look for Numeric in addition to allowing number-strings
foo: 587 in yaml gets us a Numeric, and regex matches only matches
strings in newer puppets, so check for that and use sprintf to get us
a string.
Julien Cristau [Sun, 19 Mar 2017 10:43:26 +0000 (11:43 +0100)]
Fix postgres-make-base-backups for new puppet
Martin Zobel-Helas [Sun, 19 Mar 2017 09:57:08 +0000 (10:57 +0100)]
and add absolute path
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Sun, 19 Mar 2017 09:56:04 +0000 (10:56 +0100)]
*cough* this is no executable
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Sun, 19 Mar 2017 09:35:29 +0000 (10:35 +0100)]
Merge branch 'master' of git+ssh://puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet
* 'master' of git+ssh://puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet: (32 commits)
Do not use sslname empty string for no ssl
Make scores of webserver related templates compile
Fix historical mirror apache template
make order a string
fix torrc-header tempate
fix rsync site module
if we do not have specific binds, we use the empty string to signal that
Fix stunnel template
Attempt to fix version comparisons
Fix munin::conf for new puppet
Fix schroot-buildd/fstab.erb template
Remove wheezy support in schroot files
Remove wheezy support in buildd files
Make concat::fragment order parameter be a string
buildd: fix lsbmajdistrelease calls
fix template
fix two templates
fix two templates
rename nfs-server to nfs_server
remove rng-tools without hwrandom
...
Martin Zobel-Helas [Sun, 19 Mar 2017 09:35:11 +0000 (10:35 +0100)]
add back our git reversion
Peter Palfrader [Sun, 19 Mar 2017 09:02:22 +0000 (09:02 +0000)]
Do not use sslname empty string for no ssl
Peter Palfrader [Sun, 19 Mar 2017 08:56:48 +0000 (08:56 +0000)]
Make scores of webserver related templates compile
Peter Palfrader [Sun, 19 Mar 2017 08:42:50 +0000 (08:42 +0000)]
Fix historical mirror apache template
Peter Palfrader [Sun, 19 Mar 2017 08:35:52 +0000 (08:35 +0000)]
make order a string
Peter Palfrader [Sun, 19 Mar 2017 08:35:22 +0000 (08:35 +0000)]
fix torrc-header tempate
Peter Palfrader [Sun, 19 Mar 2017 08:30:44 +0000 (08:30 +0000)]
fix rsync site module
Peter Palfrader [Sun, 19 Mar 2017 08:30:32 +0000 (08:30 +0000)]
if we do not have specific binds, we use the empty string to signal that
Aurelien Jarno [Sun, 19 Mar 2017 07:36:48 +0000 (08:36 +0100)]
Fix stunnel template
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Julien Cristau [Sat, 18 Mar 2017 22:16:30 +0000 (23:16 +0100)]
Attempt to fix version comparisons
Use versioncmp function instead of string comparison. Thanks olasd.
Julien Cristau [Sat, 18 Mar 2017 21:53:55 +0000 (22:53 +0100)]
Fix munin::conf for new puppet
Aurelien Jarno [Sat, 18 Mar 2017 21:43:27 +0000 (22:43 +0100)]
Fix schroot-buildd/fstab.erb template
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Aurelien Jarno [Sat, 18 Mar 2017 21:39:57 +0000 (22:39 +0100)]
Remove wheezy support in schroot files
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Aurelien Jarno [Sat, 18 Mar 2017 21:36:54 +0000 (22:36 +0100)]
Remove wheezy support in buildd files
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Julien Cristau [Sat, 18 Mar 2017 21:31:52 +0000 (22:31 +0100)]
Make concat::fragment order parameter be a string
Aurelien Jarno [Sat, 18 Mar 2017 21:31:35 +0000 (22:31 +0100)]
buildd: fix lsbmajdistrelease calls
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Peter Palfrader [Sat, 18 Mar 2017 21:05:58 +0000 (21:05 +0000)]
fix template
Peter Palfrader [Sat, 18 Mar 2017 20:39:21 +0000 (20:39 +0000)]
fix two templates
Peter Palfrader [Sat, 18 Mar 2017 20:36:51 +0000 (20:36 +0000)]
fix two templates
Peter Palfrader [Sat, 18 Mar 2017 20:36:43 +0000 (20:36 +0000)]
rename nfs-server to nfs_server
Peter Palfrader [Sat, 18 Mar 2017 19:37:29 +0000 (20:37 +0100)]
remove rng-tools without hwrandom
Peter Palfrader [Sat, 18 Mar 2017 19:33:38 +0000 (20:33 +0100)]
close quote
Peter Palfrader [Sat, 18 Mar 2017 19:31:55 +0000 (20:31 +0100)]
the hook is annoying
Peter Palfrader [Sat, 18 Mar 2017 19:30:57 +0000 (20:30 +0100)]
stringify file modes
Peter Palfrader [Sat, 18 Mar 2017 19:28:21 +0000 (20:28 +0100)]
do check for boolean value of true instead of stringified version
Peter Palfrader [Sat, 18 Mar 2017 19:22:35 +0000 (20:22 +0100)]
make a reverse for hw_can_temp_sensors that removes lm-sensors
Peter Palfrader [Sat, 18 Mar 2017 19:21:27 +0000 (19:21 +0000)]
fix unbound check in resolv.conf template
root [Sat, 18 Mar 2017 19:16:35 +0000 (19:16 +0000)]
Merge branch 'master' of file:///srv/puppet.debian.org/git/dsa-puppet
Peter Palfrader [Sat, 18 Mar 2017 18:48:38 +0000 (19:48 +0100)]
And clean out mptraid things if we do not have mptraid
Peter Palfrader [Sat, 18 Mar 2017 18:46:20 +0000 (19:46 +0100)]
remove postgres things if we do not have postgresql
Peter Palfrader [Sat, 18 Mar 2017 18:42:04 +0000 (19:42 +0100)]
remove portforwarder files if we do not have a portforwarding user
Peter Palfrader [Tue, 14 Mar 2017 11:00:32 +0000 (12:00 +0100)]
set vim modeline
Martin Zobel-Helas [Sat, 18 Mar 2017 19:13:34 +0000 (19:13 +0000)]
Merge branch 'master' of file:///srv/puppet.debian.org/git/dsa-puppet
Martin Zobel-Helas [Sat, 18 Mar 2017 19:13:00 +0000 (20:13 +0100)]
fix syntax
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
root [Sat, 18 Mar 2017 18:46:43 +0000 (18:46 +0000)]
puppet 4 foo
Signed-off-by: root <root@handel.debian.org>
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
root [Sat, 18 Mar 2017 13:30:14 +0000 (13:30 +0000)]
fix munin 1
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
root [Sat, 18 Mar 2017 18:46:43 +0000 (18:46 +0000)]
puppet 4 foo
Signed-off-by: root <root@handel.debian.org>
root [Sat, 18 Mar 2017 13:30:14 +0000 (13:30 +0000)]
fix munin 1
Martin Zobel-Helas [Sat, 18 Mar 2017 12:47:26 +0000 (13:47 +0100)]
fix syntax
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Sat, 18 Mar 2017 12:43:09 +0000 (13:43 +0100)]
new function call to find hiera objects
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Sat, 18 Mar 2017 11:33:06 +0000 (12:33 +0100)]
no more use of Puppet::Parser::Parser
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Fri, 17 Mar 2017 21:49:35 +0000 (22:49 +0100)]
add environmentconf
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Aurelien Jarno [Tue, 14 Mar 2017 21:23:05 +0000 (22:23 +0100)]
buildd.d.o: update archive key
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Peter Palfrader [Sun, 12 Mar 2017 13:13:19 +0000 (14:13 +0100)]
add dpl.d.o static component
Peter Palfrader [Sun, 12 Mar 2017 13:12:41 +0000 (14:12 +0100)]
add dpl.d.o static component
Peter Palfrader [Sat, 11 Mar 2017 20:56:13 +0000 (21:56 +0100)]
retire glinka
Peter Palfrader [Sat, 11 Mar 2017 18:48:01 +0000 (19:48 +0100)]
spacing change (and vim modline) for debtags.d.o vhost config
Peter Palfrader [Sat, 11 Mar 2017 09:45:46 +0000 (10:45 +0100)]
Clean out old watcher pause files automatically
Peter Palfrader [Sat, 11 Mar 2017 09:35:30 +0000 (10:35 +0100)]
retire sompek, stadler
Peter Palfrader [Sat, 11 Mar 2017 09:34:49 +0000 (10:34 +0100)]
ignore local qemu-efi on acker, aagaard
Peter Palfrader [Fri, 10 Mar 2017 10:27:32 +0000 (11:27 +0100)]
add missing sudo entry for debsources
Peter Palfrader [Wed, 8 Mar 2017 18:00:44 +0000 (19:00 +0100)]
firefox considers style in .svg things "unsafe-inline" settings, so we need a different CSP for svg files
Peter Palfrader [Wed, 8 Mar 2017 17:15:59 +0000 (18:15 +0100)]
amended policy
Peter Palfrader [Wed, 8 Mar 2017 17:09:56 +0000 (18:09 +0100)]
Set a CSP for lintian, acked by nthykier
Peter Palfrader [Wed, 8 Mar 2017 12:26:37 +0000 (13:26 +0100)]
Set a bunch of security related headers that might break stuff. We will found out
Peter Palfrader [Wed, 8 Mar 2017 12:24:17 +0000 (13:24 +0100)]
rename pratchett to headers
Peter Palfrader [Mon, 6 Mar 2017 09:21:55 +0000 (10:21 +0100)]
Add anycast mirror to sources.list
projects / mirror / dsa-puppet.git / log