From: Peter Palfrader Date: Thu, 30 Apr 2009 19:35:37 +0000 (+0200) Subject: Merge branch 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet X-Git-Url: https://git.donarmstrong.com/?a=commitdiff_plain;h=4de937c7dc6219cb51e2d6402208d260fde5b558;hp=341d96ae7a7c6fecaab9633b49a9e6493ecbbdfe;p=dsa-puppet.git Merge branch 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet * 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet: Raise recursion depth for samhain ignore on etc/puppet better header Now locals is a template too and add a newline virtualdomains into a template Silly M dashes um. handel is puppetmast4er, not spohr Fix the syntax problems. Some day .... Lets see if putting the extra functions in git works A little more whitespace. It wasn't big enough Make even purposeless (useless?) hosts have nicely formatted motds --- diff --git a/files/etc/puppet/lib/puppet/parser/functions/nodeinfo.rb b/files/etc/puppet/lib/puppet/parser/functions/nodeinfo.rb new file mode 100644 index 00000000..db16133a --- /dev/null +++ b/files/etc/puppet/lib/puppet/parser/functions/nodeinfo.rb @@ -0,0 +1,39 @@ +module Puppet::Parser::Functions + newfunction(:nodeinfo, :type => :rvalue) do |args| + + host = args[0] + yamlfile = args[1] + parser.watch_file(yamlfile) + + require 'ldap' + require 'yaml' + + $KCODE = 'utf-8' + + yaml = YAML.load_file(yamlfile) + results = {} + + ['nameinfo', 'footer'].each do |detail| + if yaml.has_key?(detail) + if yaml[detail].has_key?(host) + results[detail] = yaml[detail][host] + end + end + end + + ldap = LDAP::Conn.new('samosa.debian.org') + + results['ldap'] = [] + filter = '(hostname=' + host +')' + begin + ldap.search2('ou=hosts,dc=debian,dc=org', LDAP::LDAP_SCOPE_SUBTREE, filter) do |x| + results['ldap'] << x + end + rescue LDAP::ResultError + rescue RuntimeError + ensure + ldap.unbind + end + return(results) + end +end diff --git a/files/etc/puppet/puppet.conf b/files/etc/puppet/puppet.conf index 67938895..931ce3ce 100644 --- a/files/etc/puppet/puppet.conf +++ b/files/etc/puppet/puppet.conf @@ -13,3 +13,4 @@ pluginsync=true [puppetmasterd] templatedir=/etc/puppet/templates +libdir=/etc/puppet/lib diff --git a/modules/debian-org/manifests/init.pp b/modules/debian-org/manifests/init.pp index ad031655..be3e3e05 100644 --- a/modules/debian-org/manifests/init.pp +++ b/modules/debian-org/manifests/init.pp @@ -47,10 +47,27 @@ class debian-org { source => "puppet:///files/etc/default/puppet", notify => Exec["puppet restart"]; } + case $hostname { + handel: { + file { + "/etc/puppet/lib": + ensure => directory, + source => "puppet:///files/etc/puppet/lib", + recurse => true, + notify => Exec["puppetmaster restart"]; + } + } + default: {} + } + exec { "puppet reload": path => "/etc/init.d:/usr/bin:/usr/sbin:/bin:/sbin", refreshonly => true, } + exec { "puppetmaster restart": + path => "/etc/init.d:/usr/bin:/usr/sbin:/bin:/sbin", + refreshonly => true, + } exec { "puppet restart": path => "/etc/init.d:/usr/bin:/usr/sbin:/bin:/sbin", refreshonly => true, diff --git a/modules/debian-org/misc/local.yaml b/modules/debian-org/misc/local.yaml index 855c3236..f09d17d9 100644 --- a/modules/debian-org/misc/local.yaml +++ b/modules/debian-org/misc/local.yaml @@ -7,25 +7,25 @@ nameinfo: argento.debian.org: Dominick Argento (b. October 27, 1927) bartok.debian.org: Béla Viktor János Bartók (March 25, 1881 - September 26, 1945) brahms.debian.org: Johannes Brahms (May 7, 1833 - April 3, 1897) - carver.debian.org: Robert Carver (ca.1485 – ca.1570) + carver.debian.org: Robert Carver (ca.1485 - ca.1570) chopin.debian.org: Frédéric Chopin (1 March 1810 - 17 October 1849) dijkstra.debian.org: Lowell Dijkstra (b.1952) gluck.debian.org: Christoph Willibald Ritter von Gluck (2 July 1714 - 15 November 1787) goedel.debian.org: Kurt Gödel (April 28, 1906 - January 14, 1978) goetz.debian.org: Hermann Gustav Goetz (December 7, 1840 - December 3, 1876) - handel.debian.org: Georg Friedrich Händel (23 February 1685 – 14 April 1759) + handel.debian.org: Georg Friedrich Händel (23 February 1685 - 14 April 1759) kassia.debian.org: Kassia (between 805 and 810 - bef. 867) klecker.debian.org: Dedicated to Joel 'Espy' Klecker (1979 - July 11, 2000) lafayette.debian.org: Eugenie Lafayette lebrun.debian.org: Francesca Lebrun (March 24, 1756 - May 14, 1791) - mahler.debian.org: Gustav Mahler (7 July 1860 – 18 May 1911) + mahler.debian.org: Gustav Mahler (7 July 1860 - 18 May 1911) mayr.debian.org: Johann(es) Simon Mayr (June 14, 1763 - December 2, 1845) merkel.debian.org: Gustav (Adolf) Merkel (November 12, 1827 - October 30, 1885) merulo.debian.org: Claudio Merulo (8 April 1533 - 4 May 1604) morales.debian.org: Cristóbal de Morales (c. 1500 - between September 4 and October 7, 1553) - mundy.debian.org: William Mundy (c. 1529 – 1591) + mundy.debian.org: William Mundy (c. 1529 - 1591) paer.debian.org: Ferdinando Paër (July 1, 1771 - May 3, 1839) - penalosa.debian.org: Francisco de Peñalosa (c. 1470 – April 1, 1528) + penalosa.debian.org: Francisco de Peñalosa (c. 1470 - April 1, 1528) pergolesi.debian.org: Giovanni Battista Pergolesi (4 January 1710 - 16 or 17 March 1736) peri.debian.org: Jacopo Peri (20 August 1561 - 12 August 1633) pescetti.debian.org: Giovanni Battista Pescetti (ca. 1704 - 1766) @@ -37,7 +37,7 @@ nameinfo: ravel.debian.org: Joseph-Maurice Ravel (March 7, 1875 - December 28, 1937) ries.debian.org: Franz Ries (1846-1932) rietz.debian.org: August Wilhelm Julius Rietz (December 28, 1812 - September 12, 1877) - rore.debian.org: Cipriano de Rore (occasionally Cypriano) (1515 or 1516 – between September 11 and September 20, 1565) + rore.debian.org: Cipriano de Rore (occasionally Cypriano) (1515 or 1516 - between September 11 and September 20, 1565) saens.debian.org: Charles-Camille Saint-Saëns (9 October 1835 - 16 December 1921) sarti.debian.org: Giuseppe Sarti (baptised December 1, 1729 - July 28, 1802) schein.debian.org: Johann Hermann Schein (January 20, 1586 - November 19, 1630) @@ -52,7 +52,7 @@ nameinfo: tartini.debian.org: Giuseppe Tartini (April 8, 1692 - February 26, 1770) unger.debian.org: Caroline Unger (October 28, 1803 - March 23, 1877) verdi.debian.org: Giuseppe Fortunino Francesco Verdi (October 9 or 10, 1813 - January 27, 1901) - voltaire.debian.org: François-Marie Arouet (Voltaire) (21 November 1694 – 30 May 1778) + voltaire.debian.org: François-Marie Arouet (Voltaire) (21 November 1694 - 30 May 1778) wagner.debian.org: Wilhelm Richard Wagner (22 May 1813 - 13 February 1883) widor.debian.org: Charles-Marie Jean Albert Widor (February 21, 1844 - March 12, 1937) wieck.debian.org: Clara Josephine Wieck (September 13, 1819 - May 20, 1896) diff --git a/modules/exim/files/common/locals b/modules/exim/files/common/locals deleted file mode 100644 index 3e0ece1a..00000000 --- a/modules/exim/files/common/locals +++ /dev/null @@ -1,5 +0,0 @@ -## -## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE. -## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git -## - diff --git a/modules/exim/files/common/virtualdomains b/modules/exim/files/common/virtualdomains deleted file mode 100644 index 3c267060..00000000 --- a/modules/exim/files/common/virtualdomains +++ /dev/null @@ -1,22 +0,0 @@ -## -## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE. -## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git -## - -# virtualdomains - This is a list of all virtual domains. A virtual domain -# is much like a local domain, execpt that the delivery location -# and allowed set of users is controlled by a virtual domain -# alias file and not /etc/passwd. Wildcards are permitted - -# This file lists the virtual domains that this host should handle. The -# format is -# host: user=user group=group directory=dir -# Host may be a wildcard. -# User/Group are the symbolic names of the uid/gid to operate under when -# performing deliveries for this name. These should not be root! -# Directory is the directory to look in for data files. The directory and -# files may be group writable. The first file to lookup is DIR/aliases -# which is a traditional exim/sendmail alias file. You can specify -# users, patterns, pipes and filenames. If that fails then -# .forward-foo is tried, should that fail then .forward-default is tried. -# Finally the email will bounce. diff --git a/modules/exim/files/per-host/albeniz.debian.org/locals b/modules/exim/files/per-host/albeniz.debian.org/locals deleted file mode 100644 index afb9f59f..00000000 --- a/modules/exim/files/per-host/albeniz.debian.org/locals +++ /dev/null @@ -1,6 +0,0 @@ -## -## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE. -## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git -## - -deb-alpha1.sanger.ac.uk diff --git a/modules/exim/files/per-host/ball.debian.org/locals b/modules/exim/files/per-host/ball.debian.org/locals deleted file mode 100644 index ada5e603..00000000 --- a/modules/exim/files/per-host/ball.debian.org/locals +++ /dev/null @@ -1,6 +0,0 @@ -## -## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE. -## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git -## - -ball.einval.com diff --git a/modules/exim/files/per-host/gluck.debian.org/virtualdomains b/modules/exim/files/per-host/gluck.debian.org/virtualdomains deleted file mode 100644 index 1cd39fd3..00000000 --- a/modules/exim/files/per-host/gluck.debian.org/virtualdomains +++ /dev/null @@ -1,29 +0,0 @@ -## -## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE. -## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git -## - -# virtualdomains - This is a list of all virtual domains. A virtual domain -# is much like a local domain, execpt that the delivery location -# and allowed set of users is controlled by a virtual domain -# alias file and not /etc/passwd. Wildcards are permitted - -# This file lists the virtual domains that this host should handle. The -# format is -# host: user=user group=group directory=dir -# Host may be a wildcard. -# User/Group are the symbolic names of the uid/gid to operate under when -# performing deliveries for this name. These should not be root! -# Directory is the directory to look in for data files. The directory and -# files may be group writable. The first file to lookup is DIR/aliases -# which is a traditional exim/sendmail alias file. You can specify -# users, patterns, pipes and filenames. If that fails then -# .forward-foo is tried, should that fail then .forward-default is tried. -# Finally the email will bounce. - -ddtp.debian.org: user=grisu group=Debian directory=/org/ddtp.debian.org/mail -admin.debian.org: user=mail_admin group=mail_admin directory=/org/admin.debian.org/mail/ -popcon.debian.org: user=popcon group=popcon directory=/org/popcon.debian.org/mail/ - -debian.com: user=nobody group=Debian directory=/org/misc/star.debian.org/ -debian.net: user=nobody group=Debian directory=/org/misc/star.debian.org/ diff --git a/modules/exim/files/per-host/handel.debian.org/virtualdomains b/modules/exim/files/per-host/handel.debian.org/virtualdomains deleted file mode 100644 index 41a71568..00000000 --- a/modules/exim/files/per-host/handel.debian.org/virtualdomains +++ /dev/null @@ -1,9 +0,0 @@ -## -## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE. -## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git -## - -# This file lists the virtual domains that this host should handle. The -# format is -# host: user=user group=group directory=dir -puppet.debian.org: user=sgran group=Debian directory=/srv/puppet.debian.org/mail diff --git a/modules/exim/files/per-host/klecker.debian.org/virtualdomains b/modules/exim/files/per-host/klecker.debian.org/virtualdomains deleted file mode 100644 index 5ce1a13d..00000000 --- a/modules/exim/files/per-host/klecker.debian.org/virtualdomains +++ /dev/null @@ -1,26 +0,0 @@ -## -## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE. -## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git -## - -# virtualdomains - This is a list of all virtual domains. A virtual domain -# is much like a local domain, execpt that the delivery location -# and allowed set of users is controlled by a virtual domain -# alias file and not /etc/passwd. Wildcards are permitted - -# This file lists the virtual domains that this host should handle. The -# format is -# host: user=user group=group directory=dir -# Host may be a wildcard. -# User/Group are the symbolic names of the uid/gid to operate under when -# performing deliveries for this name. These should not be root! -# Directory is the directory to look in for data files. The directory and -# files may be group writable. The first file to lookup is DIR/aliases -# which is a traditional exim/sendmail alias file. You can specify -# users, patterns, pipes and filenames. If that fails then -# .forward-foo is tried, should that fail then .forward-default is tried. -# Finally the email will bounce. - -security.debian.org: user=mail_security group=nogroup directory=/org/security.debian.org/mail/ -non-us.debian.org: user=katie group=debadmin directory=/org/non-us.debian.org/mail/ -www-master.debian.org: user=debwww group=debwww directory=/org/www.debian.org/mail/ diff --git a/modules/exim/files/per-host/malo.debian.org/locals b/modules/exim/files/per-host/malo.debian.org/locals deleted file mode 100644 index 5555de1f..00000000 --- a/modules/exim/files/per-host/malo.debian.org/locals +++ /dev/null @@ -1,6 +0,0 @@ -## -## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE. -## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git -## - -malo.debian.osuosl.org diff --git a/modules/exim/files/per-host/master.debian.org/locals b/modules/exim/files/per-host/master.debian.org/locals deleted file mode 100644 index 108538c7..00000000 --- a/modules/exim/files/per-host/master.debian.org/locals +++ /dev/null @@ -1,9 +0,0 @@ -## -## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE. -## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git -## - -master.debian.org -debian.org -debian.novare.net -master.novare.net diff --git a/modules/exim/files/per-host/master.debian.org/virtualdomains b/modules/exim/files/per-host/master.debian.org/virtualdomains deleted file mode 100644 index ed02ae68..00000000 --- a/modules/exim/files/per-host/master.debian.org/virtualdomains +++ /dev/null @@ -1,12 +0,0 @@ -## -## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE. -## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git -## - -# This file lists the virtual domains that this host should handle. The -# format is -# host: user=user group=group directory=dir - -vote.debian.org: user=secretary group=debvote directory=/org/vote.debian.org/mail -packages.qa.debian.org: user=qa group=qa directory=/org/packages.qa.debian.org/mail -bugs.qa.debian.org: user=cjwatson group=qa directory=/org/bugs.qa.debian.org/mail diff --git a/modules/exim/files/per-host/merkel.debian.org/virtualdomains b/modules/exim/files/per-host/merkel.debian.org/virtualdomains deleted file mode 100644 index 49c099d6..00000000 --- a/modules/exim/files/per-host/merkel.debian.org/virtualdomains +++ /dev/null @@ -1,26 +0,0 @@ -## -## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE. -## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git -## - -# virtualdomains - This is a list of all virtual domains. A virtual domain -# is much like a local domain, execpt that the delivery location -# and allowed set of users is controlled by a virtual domain -# alias file and not /etc/passwd. Wildcards are permitted - -# This file lists the virtual domains that this host should handle. The -# format is -# host: user=user group=group directory=dir -# Host may be a wildcard. -# User/Group are the symbolic names of the uid/gid to operate under when -# performing deliveries for this name. These should not be root! -# Directory is the directory to look in for data files. The directory and -# files may be group writable. The first file to lookup is DIR/aliases -# which is a traditional exim/sendmail alias file. You can specify -# users, patterns, pipes and filenames. If that fails then -# .forward-foo is tried, should that fail then .forward-default is tried. -# Finally the email will bounce. - -qa.debian.org: user=qa group=qa directory=/org/qa.debian.org/mail/ -bugs.qa.debian.org: user=nobody group=nogroup directory=/org/bugs.qa.debian.org/mail/ -nm.debian.org: user=nm group=nm directory=/org/nm.debian.org/mail/ diff --git a/modules/exim/files/per-host/powell.debian.org/virtualdomains b/modules/exim/files/per-host/powell.debian.org/virtualdomains deleted file mode 100644 index 20413c06..00000000 --- a/modules/exim/files/per-host/powell.debian.org/virtualdomains +++ /dev/null @@ -1,9 +0,0 @@ -## -## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE. -## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git -## - -# This file lists the virtual domains that this host should handle. The -# format is -# host: user=user group=group directory=dir -packages.debian.org: user=nobody group=Debian directory=/org/packages.debian.org/mail/ diff --git a/modules/exim/files/per-host/raff.debian.org/virtualdomains b/modules/exim/files/per-host/raff.debian.org/virtualdomains deleted file mode 100644 index b7a5500f..00000000 --- a/modules/exim/files/per-host/raff.debian.org/virtualdomains +++ /dev/null @@ -1,10 +0,0 @@ -## -## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE. -## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git -## - -# This file lists the virtual domains that this host should handle. The -# format is -# host: user=user group=group directory=dir -buildd.debian.org: user=wbadm group=wbadm directory=/srv/buildd.debian.org/mail -logs.buildd.debian.org: user=wbadm group=wbadm directory=/srv/logs.buildd.debian.org/mail diff --git a/modules/exim/files/per-host/rem.debian.org/locals b/modules/exim/files/per-host/rem.debian.org/locals deleted file mode 100644 index 2fe93b03..00000000 --- a/modules/exim/files/per-host/rem.debian.org/locals +++ /dev/null @@ -1,6 +0,0 @@ -## -## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE. -## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git -## - -rem.rfc822.org diff --git a/modules/exim/files/per-host/ries.debian.org/virtualdomains b/modules/exim/files/per-host/ries.debian.org/virtualdomains deleted file mode 100644 index c4e28028..00000000 --- a/modules/exim/files/per-host/ries.debian.org/virtualdomains +++ /dev/null @@ -1,10 +0,0 @@ -## -## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE. -## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git -## - -# This file lists the virtual domains that this host should handle. The -# format is -# host: user=user group=group directory=dir -release.debian.org: user=release group=debian-release directory=/org/release.debian.org/mail -ftp-master.debian.org: user=dak group=debadmin directory=/srv/ftp.debian.org/mail group_writable=true diff --git a/modules/exim/files/per-host/rietz.debian.org/virtualdomains b/modules/exim/files/per-host/rietz.debian.org/virtualdomains deleted file mode 100644 index 2cd091bb..00000000 --- a/modules/exim/files/per-host/rietz.debian.org/virtualdomains +++ /dev/null @@ -1,9 +0,0 @@ -## -## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE. -## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git -## - -# This file lists the virtual domains that this host should handle. The -# format is -# host: user=user group=group directory=dir -bugs.debian.org: user=debbugs group=debbugs directory=/srv/bugs.debian.org/mail diff --git a/modules/exim/files/per-host/saens.debian.org/locals b/modules/exim/files/per-host/saens.debian.org/locals deleted file mode 100644 index b6f60138..00000000 --- a/modules/exim/files/per-host/saens.debian.org/locals +++ /dev/null @@ -1,6 +0,0 @@ -## -## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE. -## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git -## - -debian-mirror.cs.umn.edu diff --git a/modules/exim/files/per-host/samosa.debian.org/virtualdomains b/modules/exim/files/per-host/samosa.debian.org/virtualdomains deleted file mode 100644 index 8443f21a..00000000 --- a/modules/exim/files/per-host/samosa.debian.org/virtualdomains +++ /dev/null @@ -1,24 +0,0 @@ -## -## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE. -## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git -## - -# virtualdomains - This is a list of all virtual domains. A virtual domain -# is much like a local domain, execpt that the delivery location -# and allowed set of users is controlled by a virtual domain -# alias file and not /etc/passwd. Wildcards are permitted - -# This file lists the virtual domains that this host should handle. The -# format is -# host: user=user group=group directory=dir -# Host may be a wildcard. -# User/Group are the symbolic names of the uid/gid to operate under when -# performing deliveries for this name. These should not be root! -# Directory is the directory to look in for data files. The directory and -# files may be group writable. The first file to lookup is DIR/aliases -# which is a traditional exim/sendmail alias file. You can specify -# users, patterns, pipes and filenames. If that fails then -# .forward-foo is tried, should that fail then .forward-default is tried. -# Finally the email will bounce. - -db.debian.org: user=mail_db group=nogroup directory=/org/db.debian.org/mail diff --git a/modules/exim/files/per-host/spohr.debian.org/virtualdomains b/modules/exim/files/per-host/spohr.debian.org/virtualdomains deleted file mode 100644 index 4ee712c2..00000000 --- a/modules/exim/files/per-host/spohr.debian.org/virtualdomains +++ /dev/null @@ -1,9 +0,0 @@ -## -## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE. -## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git -## - -# This file lists the virtual domains that this host should handle. The -# format is -# host: user=user group=group directory=dir -rt.debian.org: user=rt group=rt directory=/srv/rt.debian.org/mail diff --git a/modules/exim/files/per-host/tartini.debian.org/virtualdomains b/modules/exim/files/per-host/tartini.debian.org/virtualdomains deleted file mode 100644 index 58e11839..00000000 --- a/modules/exim/files/per-host/tartini.debian.org/virtualdomains +++ /dev/null @@ -1,9 +0,0 @@ -## -## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE. -## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git -## - -# This file lists the virtual domains that this host should handle. The -# format is -# host: user=user group=group directory=dir -forums.debian.net: user=forums group=forums directory=/srv/forums.debian.net/mail diff --git a/modules/exim/files/per-host/widor.debian.org/virtualdomains b/modules/exim/files/per-host/widor.debian.org/virtualdomains deleted file mode 100644 index 64952b05..00000000 --- a/modules/exim/files/per-host/widor.debian.org/virtualdomains +++ /dev/null @@ -1,10 +0,0 @@ -## -## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE. -## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git -## - -# This file lists the virtual domains that this host should handle. The -# format is -# host: user=user group=group directory=dir -wiki.debian.org: user=wiki group=wikiadm directory=/org/wiki.debian.org/mail - diff --git a/modules/exim/manifests/init.pp b/modules/exim/manifests/init.pp index 3ad6a6e0..2d8b2379 100644 --- a/modules/exim/manifests/init.pp +++ b/modules/exim/manifests/init.pp @@ -50,8 +50,7 @@ class exim { ; "/etc/exim4/locals": require => Package["exim4-daemon-heavy"], - source => [ "puppet:///exim/per-host/$fqdn/locals", - "puppet:///exim/common/locals" ] + content => template("exim/locals.erb") ; "/etc/exim4/localusers": require => Package["exim4-daemon-heavy"], @@ -75,8 +74,7 @@ class exim { ; "/etc/exim4/virtualdomains": require => Package["exim4-daemon-heavy"], - source => [ "puppet:///exim/per-host/$fqdn/virtualdomains", - "puppet:///exim/common/virtualdomains" ] + content => template("exim/virtualdomains.erb") ; "/etc/exim4/whitelist": require => Package["exim4-daemon-heavy"], diff --git a/modules/exim/templates/locals.erb b/modules/exim/templates/locals.erb new file mode 100644 index 00000000..6d81aabb --- /dev/null +++ b/modules/exim/templates/locals.erb @@ -0,0 +1,19 @@ +## +## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE. +## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git +## + +<%= +locals = case fqdn + when "albeniz.debian.org" then "deb-alpha1.sanger.ac.uk" + when "ball.debian.org" then "ball.einval.com" + when "malo.debian.org" then "malo.debian.osuosl.org" + when "master.debian.org" then "master.debian.org +debian.org +debian.novare.net +master.novare.net" + when "rem.debian.org" then "rem.rfc822.org" + when "saens.debian.org" then "debian-mirror.cs.umn.edu" +end +locals +%> diff --git a/modules/exim/templates/virtualdomains.erb b/modules/exim/templates/virtualdomains.erb new file mode 100644 index 00000000..ebcbee7f --- /dev/null +++ b/modules/exim/templates/virtualdomains.erb @@ -0,0 +1,62 @@ +## +## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE. +## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git +## + +# This file lists the virtual domains that this host should handle. The +# format is +# host: user=user group=group directory=dir +# Host may be a wildcard. +# User/Group are the symbolic names of the uid/gid to operate under when +# performing deliveries for this name. These should not be root! +# Directory is the directory to look in for data files. The directory and +# files may be group writable. The first file to lookup is DIR/aliases +# which is a traditional exim/sendmail alias file. You can specify +# users, patterns, pipes and filenames. If that fails then +# .forward-foo is tried, should that fail then .forward-default is tried. +# Finally the email will bounce. + +<%= +vdoms = case fqdn + + when "gluck.debian.org" then "ddtp.debian.org: user=grisu group=Debian directory=/org/ddtp.debian.org/mail +admin.debian.org: user=mail_admin group=mail_admin directory=/org/admin.debian.org/mail/ +popcon.debian.org: user=popcon group=popcon directory=/org/popcon.debian.org/mail/ + +debian.com: user=nobody group=Debian directory=/org/misc/star.debian.org/ +debian.net: user=nobody group=Debian directory=/org/misc/star.debian.org/" + + when "handel.debian.org" then "puppet.debian.org: user=sgran group=Debian directory=/srv/puppet.debian.org/mail" + + when "klecker.debian.org" then "security.debian.org: user=mail_security group=nogroup directory=/org/security.debian.org/mail/ +non-us.debian.org: user=katie group=debadmin directory=/org/non-us.debian.org/mail/ +www-master.debian.org: user=debwww group=debwww directory=/org/www.debian.org/mail/" + + when "master.debian.org" then "vote.debian.org: user=secretary group=debvote directory=/org/vote.debian.org/mail +packages.qa.debian.org: user=qa group=qa directory=/org/packages.qa.debian.org/mail +bugs.qa.debian.org: user=cjwatson group=qa directory=/org/bugs.qa.debian.org/mail" + + when "merkel.debian.org" then "qa.debian.org: user=qa group=qa directory=/org/qa.debian.org/mail/ +bugs.qa.debian.org: user=nobody group=nogroup directory=/org/bugs.qa.debian.org/mail/ +nm.debian.org: user=nm group=nm directory=/org/nm.debian.org/mail/" + + when "powell.debian.org" then "packages.debian.org: user=nobody group=Debian directory=/org/packages.debian.org/mail/" + + when "raff.debian.org" then "buildd.debian.org: user=wbadm group=wbadm directory=/srv/buildd.debian.org/mail +logs.buildd.debian.org: user=wbadm group=wbadm directory=/srv/logs.buildd.debian.org/mail" + + when "ries.debian.org" then "release.debian.org: user=release group=debian-release directory=/org/release.debian.org/mail +ftp-master.debian.org: user=dak group=debadmin directory=/srv/ftp.debian.org/mail group_writable=true" + + when "rietz.debian.org" then "bugs.debian.org: user=debbugs group=debbugs directory=/srv/bugs.debian.org/mail" + + when "samosa.debian.org" then "db.debian.org: user=mail_db group=nogroup directory=/org/db.debian.org/mail" + + when "spohr.debian.org" then "rt.debian.org: user=rt group=rt directory=/srv/rt.debian.org/mail" + + when "tartini.debian.org" then "forums.debian.net: user=forums group=forums directory=/srv/forums.debian.net/mail" + + when "widor.debian.org" then "wiki.debian.org: user=wiki group=wikiadm directory=/org/wiki.debian.org/mail" +end +vdoms +%> diff --git a/modules/motd/templates/motd.erb b/modules/motd/templates/motd.erb index b186dc91..24f810b8 100644 --- a/modules/motd/templates/motd.erb +++ b/modules/motd/templates/motd.erb @@ -1,3 +1,4 @@ + This device is for authorized users only. All traffic on this device is monitored and will be used as evidence for prosecutions. @@ -44,6 +45,8 @@ if (nodeinfo['ldap'].at(0)) and (nodeinfo['ldap'][0].has_key?('purpose')) purp += "\t" + l + "\n" end end +else + purp += "\n" end if nodeinfo.has_key?('footer') @@ -53,3 +56,4 @@ purp -%> %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + diff --git a/modules/samhain/files/per-host/handel.debian.org/samhainrc b/modules/samhain/files/per-host/handel.debian.org/samhainrc index fef3ac6d..bd3503f4 100644 --- a/modules/samhain/files/per-host/handel.debian.org/samhainrc +++ b/modules/samhain/files/per-host/handel.debian.org/samhainrc @@ -229,7 +229,7 @@ file=/etc/puppet/puppet.conf file=/etc/default/puppet file=/etc/logrotate.d/exim4-paniclog file=/etc/logrotate.d/exim4-base -dir=4/etc/puppet +dir=8/etc/puppet file=/usr/sbin/dsa-update-apt-status file=/usr/sbin/dsa-update-samhain-status file=/etc/nagios/nrpe.d/nrpe_dsa.cfg