2 ## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE.
3 ## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
9 [ 'denis.debian.org', 'ravel.debian.org' ],
10 [ 'denis.debian.org', 'senfl.debian.org' ],
11 [ 'denis.debian.org', 'diamond.debian.org' ],
12 [ 'denis.debian.org', 'orff.debian.org' ],
13 [ 'denis.debian.org', 'xfr0.easydns.com' ]
19 next unless pair.include?(fqdn)
24 if other == 'xfr0.easydns.com'
25 remote_ip = ['64.68.200.91']
26 algorithm = "hmac-md5";
27 keyname = "82.195.75.91-key"
28 key = "VoIkCnR5DaI3QP3xtmdCYg=="
30 remote_ip = scope.lookupvar('site::allnodeinfo')[other]['ipHostNumber']
31 algorithm = "hmac-sha256";
32 keyname = "tsig-#{pair.join('-')}"
33 key = scope.function_hkdf(['/etc/puppet/secret', "puppet-key-#{keyname}"])
36 lines << "key #{keyname} { algorithm #{algorithm}; secret \"#{key}\"; };"
38 lines << "server #{r} { keys { #{keyname}; }; };"