]> git.donarmstrong.com Git - dsa-puppet.git/blobdiff - modules/named/templates/named.conf.puppet-shared-keys.erb
projects / dsa-puppet.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
use easydns-generated tsig key since need key name to match
[dsa-puppet.git] / modules / named / templates / named.conf.puppet-shared-keys.erb
diff --git a/modules/named/templates/named.conf.puppet-shared-keys.erb b/modules/named/templates/named.conf.puppet-shared-keys.erb
index c9e68368b0bedbabf8a5f654e7edae073426529c..33afad60923e143ee0323f25d68fcb1c9ee7e050 100644 (file)
--- a/modules/named/templates/named.conf.puppet-shared-keys.erb
+++ b/modules/named/templates/named.conf.puppet-shared-keys.erb
@@ -18,19 +18,21 @@ lines = []
 pairs.each do |pair|
        next unless pair.include?(fqdn)
        pair.sort!
-       keyname = "tsig-#{pair.join('-')}"
        pair.delete(fqdn)
        other = pair[0]
 
        if other == 'xfr0.easydns.com'
                remote_ip = ['64.68.200.91']
                algorithm = "hmac-md5";
+               keyname = "82.195.75.91-key"
+               key = "VoIkCnR5DaI3QP3xtmdCYg=="
        else
                remote_ip = scope.lookupvar('site::allnodeinfo')[other]['ipHostNumber']
                algorithm = "hmac-sha256";
+               keyname = "tsig-#{pair.join('-')}"
+               key = scope.function_hkdf(['/etc/puppet/secret', "puppet-key-#{keyname}"])
        end
 
-       key = scope.function_hkdf(['/etc/puppet/secret', "puppet-key-#{keyname}"])
        lines << "key #{keyname} { algorithm #{algorithm}; secret \"#{key}\"; };"
        remote_ip.each do |r|
                lines << "server #{r} { keys { #{keyname}; }; };"
Unnamed repository; edit this file 'description' to name the repository.