From 0995f61efc833223be6bc85d4e660ce8c0f6eecf Mon Sep 17 00:00:00 2001 From: Aurelien Jarno Date: Sat, 15 Jun 2019 21:51:42 +0200 Subject: [PATCH] Move timeserver from czerny to manda-node03 --- modules/ntp/files/ntpkey_iff_czerny.pub | 14 --------- modules/ntp/files/ntpkey_iff_manda-node03.pub | 14 +++++++++ modules/ntp/manifests/client.pp | 9 ++++-- modules/ntp/templates/ntp.conf | 30 +++++++++---------- modules/ntpdate/manifests/init.pp | 2 +- 5 files changed, 36 insertions(+), 33 deletions(-) delete mode 100644 modules/ntp/files/ntpkey_iff_czerny.pub create mode 100644 modules/ntp/files/ntpkey_iff_manda-node03.pub diff --git a/modules/ntp/files/ntpkey_iff_czerny.pub b/modules/ntp/files/ntpkey_iff_czerny.pub deleted file mode 100644 index 2864b3c5e..000000000 --- a/modules/ntp/files/ntpkey_iff_czerny.pub +++ /dev/null @@ -1,14 +0,0 @@ -# ntpkey_iffpar_czerny.3580363383 -# Sun Jun 16 09:23:03 2013 - -# This is the public version of this 'private' key - -# the private data has been replaced by 0x01. -# (just ask 'openssl dsa -text < foo.pub') - ------BEGIN DSA PRIVATE KEY----- -MIHkAgEAAkEAm1nhgQ5JMlVOgd/InHfjoo3fitu2BuJkEFZrN6NXVB1mrZS523cb -nxdujmM6CsQbRKH/V85hxVrbgvKzC7i7LQIVAM1KPTu/thw8w9C8/uZthu3SqWnf -AkBb6TJy5An0xnrYIXmzqG37p03wQFUsRkFaNxP+a6xupbskIth6WE8gLRhhJHZm -DTvn/w0yXZ9XHBDpcLlhZ9wHAkBb6TJy5An0xnrYIXmzqG37p03wQFUsRkFaNxP+ -a6xupbskIth6WE8gLRhhJHZmDTvn/w0yXZ9XHBDpcLlhZ9wHAgEB ------END DSA PRIVATE KEY----- diff --git a/modules/ntp/files/ntpkey_iff_manda-node03.pub b/modules/ntp/files/ntpkey_iff_manda-node03.pub new file mode 100644 index 000000000..bd9419506 --- /dev/null +++ b/modules/ntp/files/ntpkey_iff_manda-node03.pub @@ -0,0 +1,14 @@ +# ntpkey_iffpar_manda-node03.3769616470 +# Sat Jun 15 19:43:02 2019 + +# This is the public version of this 'private' key - +# the private data has been replaced by 0x01. +# (just ask 'openssl dsa -text < foo.pub') + +-----BEGIN DSA PRIVATE KEY----- +MIHmAgEAAkEAyv4YnxjnvJiFem73XmVcR+lRhl8s4SMLmqLqLLkiIUIqaAhWErWb +tduC77+paS+Z6eQvAzH8dSSct4SHyM0izwIVAJHn1Mg6pl1zZT7wDdk+ytg1sGVT +AkEAxis2eFGMe5aKAqBIPatbrzavv3RlMVdb7x4LCt8+OY1B3rEjT9EPDmIgNx4G +7vbgL9Vd1Ub2xjDBLzAvLqhnvQJBAMYrNnhRjHuWigKgSD2rW682r790ZTFXW+8e +CwrfPjmNQd6xI0/RDw5iIDceBu724C/VXdVG9sYwwS8wLy6oZ70CAQE= +-----END DSA PRIVATE KEY----- diff --git a/modules/ntp/manifests/client.pp b/modules/ntp/manifests/client.pp index d75702cd8..e57e6e224 100644 --- a/modules/ntp/manifests/client.pp +++ b/modules/ntp/manifests/client.pp @@ -4,9 +4,6 @@ class ntp::client { require => Package['ntp'], notify => Service['ntp'] } - file { '/etc/ntp.keys.d/ntpkey_iff_czerny': - source => 'puppet:///modules/ntp/ntpkey_iff_czerny.pub', - } file { '/etc/ntp.keys.d/ntpkey_iff_clementi': source => 'puppet:///modules/ntp/ntpkey_iff_clementi.pub', } @@ -16,6 +13,12 @@ class ntp::client { file { '/etc/ntp.keys.d/ntpkey_iff_bm-bl2': source => 'puppet:///modules/ntp/ntpkey_iff_bm-bl2.pub', } + file { '/etc/ntp.keys.d/ntpkey_iff_manda-node03': + source => 'puppet:///modules/ntp/ntpkey_iff_manda-node03.pub', + } + file { '/etc/ntp.keys.d/ntpkey_iff_czerny': + ensure => absent, + } file { '/etc/ntp.keys.d/ntpkey_iff_ubc-bl2': ensure => absent, } diff --git a/modules/ntp/templates/ntp.conf b/modules/ntp/templates/ntp.conf index 406d2f6d4..462f80560 100644 --- a/modules/ntp/templates/ntp.conf +++ b/modules/ntp/templates/ntp.conf @@ -25,25 +25,25 @@ leapfile /usr/share/zoneinfo/leap-seconds.list <% elsif scope.lookupvar('site::nodeinfo')['misc']['natted'] -%> # autokey doesn't work behind nat -# czerny's, and bm-bl2's ipv4 IP, hard coded for the benefit of +# manda-node03's, and bm-bl2's ipv4 IP, hard coded for the benefit of # hosts that do not have RTC's (since they won't be able to do DNS until # they have a reasonable clock). -server 82.195.75.109 iburst -server 5.153.231.242 iburst +server 82.195.75.69 iburst +server 5.153.231.242 iburst -server czerny.debian.org iburst -server clementi.debian.org iburst -server bm-bl1.debian.org iburst -server bm-bl2.debian.org iburst +server manda-node03.debian.org iburst +server clementi.debian.org iburst +server bm-bl1.debian.org iburst +server bm-bl2.debian.org iburst <% else -%> -server czerny.debian.org iburst autokey -server clementi.debian.org iburst autokey -server bm-bl1.debian.org iburst autokey -server bm-bl2.debian.org iburst autokey -restrict czerny.debian.org notrust nomodify notrap ntpport -restrict clementi.debian.org notrust nomodify notrap ntpport -restrict bm-bl1.debian.org notrust nomodify notrap ntpport -restrict bm-bl2.debian.org notrust nomodify notrap ntpport +server manda-node03.debian.org iburst autokey +server clementi.debian.org iburst autokey +server bm-bl1.debian.org iburst autokey +server bm-bl2.debian.org iburst autokey +restrict manda-node03.debian.org notrust nomodify notrap ntpport +restrict clementi.debian.org notrust nomodify notrap ntpport +restrict bm-bl1.debian.org notrust nomodify notrap ntpport +restrict bm-bl2.debian.org notrust nomodify notrap ntpport <% end -%> restrict -4 default kod notrap nomodify nopeer noquery diff --git a/modules/ntpdate/manifests/init.pp b/modules/ntpdate/manifests/init.pp index 674d726ed..74cc23b97 100644 --- a/modules/ntpdate/manifests/init.pp +++ b/modules/ntpdate/manifests/init.pp @@ -9,7 +9,7 @@ class ntpdate { } $ntpservers = $::hostname ? { - default => ['czerny.debian.org', 'clementi.debian.org', 'bm-bl1.debian.org', 'bm-bl2.debian.org'] + default => ['manda-node03.debian.org', 'clementi.debian.org', 'bm-bl1.debian.org', 'bm-bl2.debian.org'] } file { '/etc/default/ntpdate': -- 2.20.1