X-Git-Url: https://git.donarmstrong.com/?a=blobdiff_plain;f=modules%2Fnamed%2Ftemplates%2Fnamed.conf.puppet-shared-keys.erb;h=33afad60923e143ee0323f25d68fcb1c9ee7e050;hb=442aca53e90777515bf6ede3cb4294f924c9cf0f;hp=07172b1f64d39d680db3131d601abf069beecf4c;hpb=7e22696fbb4b41c03143532a9676aae6749329e0;p=dsa-puppet.git
diff --git a/modules/named/templates/named.conf.puppet-shared-keys.erb b/modules/named/templates/named.conf.puppet-shared-keys.erb
index 07172b1f..33afad60 100644
--- a/modules/named/templates/named.conf.puppet-shared-keys.erb
+++ b/modules/named/templates/named.conf.puppet-shared-keys.erb
@@ -9,7 +9,8 @@ pairs = [
 [ 'denis.debian.org', 'ravel.debian.org' ],
 [ 'denis.debian.org', 'senfl.debian.org' ],
 [ 'denis.debian.org', 'diamond.debian.org' ],
- [ 'denis.debian.org', 'orff.debian.org' ]
+ [ 'denis.debian.org', 'orff.debian.org' ],
+ [ 'denis.debian.org', 'xfr0.easydns.com' ]
 ]
 lines = []
@@ -17,17 +18,24 @@ lines = []
 pairs.each do |pair|
 next unless pair.include?(fqdn)
 pair.sort!
- keyname = "tsig-#{pair.join('-')}"
 pair.delete(fqdn)
 other = pair[0]
- key = hkdf('/etc/puppet/secret', "puppet-key-#{keyname}")
-
- lines << "key #{keyname} { algorithm hmac-md5; secret \"#{key}\"; };\n"
+ if other == 'xfr0.easydns.com'
+ remote_ip = ['64.68.200.91']
+ algorithm = "hmac-md5";
+ keyname = "82.195.75.91-key"
+ key = "VoIkCnR5DaI3QP3xtmdCYg=="
+ else
+ remote_ip = scope.lookupvar('site::allnodeinfo')[other]['ipHostNumber']
+ algorithm = "hmac-sha256";
+ keyname = "tsig-#{pair.join('-')}"
+ key = scope.function_hkdf(['/etc/puppet/secret', "puppet-key-#{keyname}"])
+ end
- remote_ip = scope.lookupvar('site::allnodeinfo')[other]['ipHostNumber']
+ lines << "key #{keyname} { algorithm #{algorithm}; secret \"#{key}\"; };"
 remote_ip.each do |r|
- lines << "server #{r} { keys { #{keyname}; }; };\n"
+ lines << "server #{r} { keys { #{keyname}; }; };"
 end
 lines << ""
 end
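Review bot: The `xfr0.easydns.com` branch in the second hunk stores a TSIG shared secret as a literal (`key = "VoIkCnR5DaI3QP3xtmdCYg=="`), so everyone who can read the repository or its history holds the key that authenticates this peer. The `else` branch avoids this by deriving its keys from `/etc/puppet/secret` when the template is rendered. A key agreed with an external party presumably cannot be derived, so it should be read from a file on the master that is kept out of version control, for example `key = File.read('<PATH_TO_EASYDNS_TSIG_SECRET>').strip` (placeholder path), and the committed value should be treated as exposed and rotated with the provider. This branch also stays on `hmac-md5` while every other pair moves to `hmac-sha256`; a comment above `algorithm = "hmac-md5";` stating why this peer is exempt, and that the fixed key name and IP come from the remote side, would stop the exception from being copied to other pairs.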