some class reshuffling
authorStephen Gran <steve@lobefin.net>
Sun, 18 Oct 2009 00:10:12 +0000 (01:10 +0100)
committerStephen Gran <steve@lobefin.net>
Sun, 18 Oct 2009 00:10:12 +0000 (01:10 +0100)
Signed-off-by: Stephen Gran <steve@lobefin.net>
24 files changed:
manifests/site.pp
modules/geodns/files/common/GeoIPv6.dat [deleted file]
modules/geodns/files/common/authorized_keys [deleted file]
modules/geodns/files/common/named.conf.acl [deleted file]
modules/geodns/files/common/named.conf.geo [deleted file]
modules/geodns/files/common/named.conf.local [deleted file]
modules/geodns/files/common/named.conf.options [deleted file]
modules/geodns/files/common/recvconf [deleted file]
modules/geodns/files/common/recvconf.files [deleted file]
modules/geodns/manifests/init.pp [deleted file]
modules/named-secondary/files/common/named.conf.debian-zones [deleted file]
modules/named-secondary/manifests/init.pp [deleted file]
modules/named/files/common/GeoIPv6.dat [new file with mode: 0644]
modules/named/files/common/authorized_keys [new file with mode: 0644]
modules/named/files/common/named.conf.acl [new file with mode: 0644]
modules/named/files/common/named.conf.debian-zones [new file with mode: 0644]
modules/named/files/common/named.conf.geo [new file with mode: 0644]
modules/named/files/common/named.conf.local [new file with mode: 0644]
modules/named/files/common/named.conf.options [new file with mode: 0644]
modules/named/files/common/recvconf [new file with mode: 0755]
modules/named/files/common/recvconf.files [new file with mode: 0644]
modules/named/manifests/geodns.pp [new file with mode: 0644]
modules/named/manifests/init.pp [new file with mode: 0644]
modules/named/manifests/secondary.pp [new file with mode: 0644]

index d8f1b09cbfced976b19ac04c2d4dbb36566bedf8..337f9c57c89d50ef31c2b264446f064898065a60 100644 (file)
@@ -67,16 +67,16 @@ node default {
 
 
 # maybe wait for rietz to be upgraded to lenny
-#    case $hostname {
-#        rietz,raff,klecker:
-#                   { include named-secondary }
-#        default:   {}
-#    }
+    case $hostname {
+        rietz,raff,klecker:
+                   { include named::secondary }
+        default:   {}
+    }
 
      case $hostname {
          geo1,geo2,geo3:
                     {
-                      include geodns
+                      include named::geodns
                       include ntp::server
                     }
          default:   {
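Review bot: The comment `# maybe wait for rietz to be upgraded to lenny` is left directly above the `case $hostname` block that this hunk un-comments, so it now reads as an open caveat on live code. If the wait is over, drop or reword it, e.g. `# DNS secondaries`. If it is not, rietz presumably should not yet be in the selector that pulls in `named::secondary`, which is worth confirming before this reaches the three hosts. The `node default` body starts and ends outside the hunk, so any other condition on these includes is not visible here.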
diff --git a/modules/geodns/files/common/GeoIPv6.dat b/modules/geodns/files/common/GeoIPv6.dat
deleted file mode 100644 (file)
index b425e60..0000000
Binary files a/modules/geodns/files/common/GeoIPv6.dat and /dev/null differ
diff --git a/modules/geodns/files/common/authorized_keys b/modules/geodns/files/common/authorized_keys
deleted file mode 100644 (file)
index 646c710..0000000
+++ /dev/null
@@ -1,6 +0,0 @@
-#
-# THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE.
-# USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
-#
-from="82.195.75.106,2001:41b8:202:deb:216:36ff:fe40:3906",command="/etc/bind/geodns/recvconf /etc/bind/geodns/recvconf.files",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA2cJCkmggW6TD0UPJP9lelDno8qbYGXPeYE4+QmkqJv8mslcHxmx5tA2TvpJ9qbAUMPOdZf9ihomwPmFzz9UNZH4eDA8F126UUP5DXsh7FC7yVGSBUNdJdYS7m2wtVs8ddhrVdI+8c39D7NVGGjtUCJCWA/3fE65O183Gm+vER65SYR6LfHlEiC2FBROs6qwnjQ0yw194MnU7Jxl/GsTdZ72ArkmcPjuWsVHWtkSTt0hPfgBOyL4vSfBgl2p2eQBXCEPOaPTa1Yr5qfur1+Cj+iwadEmPfRap6rBO3wfIjbXt/KncM2uFrCXuF1TOqQxrs5LSe8dz16vf9Ckf9Ae5wQ== geodnssync@draghi (20090527)
-from="91.103.132.25,2001:4b10:100b::dead:f00d",command="/etc/bind/geodns/recvconf /etc/bind/geodns/recvconf.files",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEApBLc4ZoGTtXDJ1UhgA7NEPdwqibg5BSXZfKPgfM9wn0mZooAlYzVYwNfe08UmDwrGkSjeNphmzpiDFQA27WGLCgAw8SIjunojWKvJwJcDwx2W4OPLByZaVg/wcEivC2h0+xlRc9jFqKL5cOsTnKBuD4nC7r8qnNcWxyeEEJGP4PVb2zgrGhf8UK3bAqYPuQp0pBFo4EPdorxsgThshEWg9eqB94ph7s+YXoccoWh4NlH2TaO9QdjtsWCId6uhfpcrxjhwKRkqdjofKiOhBB3vqHE+Cpe95nKHZAP5JDgqFH/L+pzyOiRqfTeYh2ivaEBl6m5F7C/QlDBOFrOZkEtXQ== geodnssync key for sgran
diff --git a/modules/geodns/files/common/named.conf.acl b/modules/geodns/files/common/named.conf.acl
deleted file mode 100644 (file)
index f04c9b8..0000000
+++ /dev/null
@@ -1,282 +0,0 @@
-//
-// THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE.
-// USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
-//
-
-acl Nagios {
-       192.25.206.33/32;
-};
-
-// Africa
-acl AF {
-       country_AO;
-       country_BF;
-       country_BI;
-       country_BJ;
-       country_BW;
-       country_CD;
-       country_CF;
-       country_CG;
-       country_CI;
-       country_CM;
-       country_CV;
-       country_DJ;
-       country_DZ;
-       country_EG;
-       country_EH;
-       country_ER;
-       country_ET;
-       country_GA;
-       country_GH;
-       country_GM;
-       country_GN;
-       country_GQ;
-       country_GW;
-       country_KE;
-       country_KM;
-       country_LR;
-       country_LS;
-       country_LY;
-       country_MA;
-       country_MG;
-       country_ML;
-       country_MR;
-       country_MU;
-       country_MW;
-       country_MZ;
-       country_NA;
-       country_NE;
-       country_NG;
-       country_RE;
-       country_RW;
-       country_SC;
-       country_SD;
-       country_SH;
-       country_SL;
-       country_SN;
-       country_SO;
-       country_ST;
-       country_SZ;
-       country_TD;
-       country_TG;
-       country_TN;
-       country_TZ;
-       country_UG;
-       country_YT;
-       country_ZA;
-       country_ZM;
-       country_ZW;
-};
-
-// Asia
-acl AS {
-       country_AE;
-       country_AF;
-       country_AM;
-       country_AZ;
-       country_BD;
-       country_BH;
-       country_BN;
-       country_BT;
-       country_CC;
-       country_CN;
-       country_CX;
-       country_CY;
-       country_GE;
-       country_HK;
-       country_ID;
-       country_IL;
-       country_IN;
-       country_IO;
-       country_IQ;
-       country_IR;
-       country_JO;
-       country_JP;
-       country_KG;
-       country_KH;
-       country_KP;
-       country_KR;
-       country_KW;
-       country_KZ;
-       country_LA;
-       country_LB;
-       country_LK;
-       country_MM;
-       country_MN;
-       country_MO;
-       country_MV;
-       country_MY;
-       country_NP;
-       country_OM;
-       country_PH;
-       country_PK;
-       country_PS;
-       country_QA;
-       country_SA;
-       country_SG;
-       country_SY;
-       country_TH;
-       country_TJ;
-       country_TL;
-       country_TM;
-       country_TW;
-       country_UZ;
-       country_VN;
-       country_YE;
-};
-
-// Europe
-acl EU {
-       country_AD;
-       country_AL;
-       country_AT;
-       country_AX;
-       country_BA;
-       country_BE;
-       country_BG;
-       country_BY;
-       country_CH;
-       country_CZ;
-       country_DE;
-       country_DK;
-       country_EE;
-       country_ES;
-       country_FI;
-       country_FO;
-       country_FR;
-       country_GB;
-       country_GG;
-       country_GI;
-       country_GR;
-       country_HR;
-       country_HU;
-       country_IE;
-       country_IM;
-       country_IS;
-       country_IT;
-       country_JE;
-       country_LI;
-       country_LT;
-       country_LU;
-       country_LV;
-       country_MC;
-       country_MD;
-       country_ME;
-       country_MK;
-       country_MT;
-       country_NL;
-       country_NO;
-       country_PL;
-       country_PT;
-       country_RO;
-       country_RS;
-       country_RU;
-       country_SE;
-       country_SI;
-       country_SJ;
-       country_SK;
-       country_SM;
-       country_TR;
-       country_UA;
-       country_VA;
-};
-
-// North America
-acl NA {
-       country_AG;
-       country_AI;
-       country_AN;
-       country_AW;
-       country_BB;
-       country_BL;
-       country_BM;
-       country_BS;
-       country_BZ;
-       country_CA;
-       country_CR;
-       country_CU;
-       country_DM;
-       country_DO;
-       country_GD;
-       country_GL;
-       country_GP;
-       country_GT;
-       country_HN;
-       country_HT;
-       country_JM;
-       country_KN;
-       country_KY;
-       country_LC;
-       country_MF;
-       country_MQ;
-       country_MS;
-       country_MX;
-       country_NI;
-       country_PA;
-       country_PM;
-       country_PR;
-       country_SV;
-       country_TC;
-       country_TT;
-       country_US;
-       country_VC;
-       country_VG;
-       country_VI;
-};
-
-// South America
-acl SA {
-       country_AR;
-       country_BO;
-       country_BR;
-       country_CL;
-       country_CO;
-       country_EC;
-       country_FK;
-       country_GF;
-       country_GY;
-       country_PE;
-       country_PY;
-       country_SR;
-       country_UY;
-       country_VE;
-};
-
-// Oceania
-acl OC {
-       country_AS;
-       country_AU;
-       country_CK;
-       country_FJ;
-       country_FM;
-       country_GU;
-       country_KI;
-       country_MH;
-       country_MP;
-       country_NC;
-       country_NF;
-       country_NR;
-       country_NU;
-       country_NZ;
-       country_PF;
-       country_PG;
-       country_PN;
-       country_PW;
-       country_SB;
-       country_TK;
-       country_TO;
-       country_TV;
-       country_UM;
-       country_VU;
-       country_WF;
-       country_WS;
-};
-
-// Antarctica
-acl AN {
-       country_AQ;
-       country_BV;
-       country_GS;
-       country_HM;
-       country_TF;
-};
diff --git a/modules/geodns/files/common/named.conf.geo b/modules/geodns/files/common/named.conf.geo
deleted file mode 100644 (file)
index 13f6836..0000000
+++ /dev/null
@@ -1,421 +0,0 @@
-// This file was created by dsa-geodomains/zonebuilder --create-named-conf
-// and is distributed to hosts using puppet as
-// dsa-puppet/modules/geodns/files/common/named.conf.geo
-// you probably do not want to edit it manually wherever you find it
-
-view "AF" {
-  match-clients { AF; };
-
-  zone "security.geo.debian.org" {
-    type master;
-    file "/etc/bind/geodns/db.security.debian.org.AF";
-    notify no;
-    allow-query { any; };
-    allow-transfer { };
-  };
-
-  zone "security.debian.org" {
-    type master;
-    file "/etc/bind/geodns/db.security.debian.org.AF";
-    notify no;
-    allow-query { any; };
-    allow-transfer { };
-  };
-
-  zone "bugs.debian.org" {
-    type master;
-    file "/etc/bind/geodns/db.bugs.debian.org.AF";
-    notify no;
-    allow-query { any; };
-    allow-transfer { };
-  };
-
-  zone "www.geo.debian.org" {
-    type master;
-    file "/etc/bind/geodns/db.www.debian.org.AF";
-    notify no;
-    allow-query { any; };
-    allow-transfer { };
-  };
-
-  zone "www.debian.org" {
-    type master;
-    file "/etc/bind/geodns/db.www.debian.org.AF";
-    notify no;
-    allow-query { any; };
-    allow-transfer { };
-  };
-
-  zone "packages.debian.org" {
-    type master;
-    file "/etc/bind/geodns/db.packages.debian.org.AF";
-    notify no;
-    allow-query { any; };
-    allow-transfer { };
-  };
-
-};
-view "AN" {
-  match-clients { AN; };
-
-  zone "security.geo.debian.org" {
-    type master;
-    file "/etc/bind/geodns/db.security.debian.org.AN";
-    notify no;
-    allow-query { any; };
-    allow-transfer { };
-  };
-
-  zone "security.debian.org" {
-    type master;
-    file "/etc/bind/geodns/db.security.debian.org.AN";
-    notify no;
-    allow-query { any; };
-    allow-transfer { };
-  };
-
-  zone "bugs.debian.org" {
-    type master;
-    file "/etc/bind/geodns/db.bugs.debian.org.AN";
-    notify no;
-    allow-query { any; };
-    allow-transfer { };
-  };
-
-  zone "www.geo.debian.org" {
-    type master;
-    file "/etc/bind/geodns/db.www.debian.org.AN";
-    notify no;
-    allow-query { any; };
-    allow-transfer { };
-  };
-
-  zone "www.debian.org" {
-    type master;
-    file "/etc/bind/geodns/db.www.debian.org.AN";
-    notify no;
-    allow-query { any; };
-    allow-transfer { };
-  };
-
-  zone "packages.debian.org" {
-    type master;
-    file "/etc/bind/geodns/db.packages.debian.org.AN";
-    notify no;
-    allow-query { any; };
-    allow-transfer { };
-  };
-
-};
-view "AS" {
-  match-clients { AS; };
-
-  zone "security.geo.debian.org" {
-    type master;
-    file "/etc/bind/geodns/db.security.debian.org.AS";
-    notify no;
-    allow-query { any; };
-    allow-transfer { };
-  };
-
-  zone "security.debian.org" {
-    type master;
-    file "/etc/bind/geodns/db.security.debian.org.AS";
-    notify no;
-    allow-query { any; };
-    allow-transfer { };
-  };
-
-  zone "bugs.debian.org" {
-    type master;
-    file "/etc/bind/geodns/db.bugs.debian.org.AS";
-    notify no;
-    allow-query { any; };
-    allow-transfer { };
-  };
-
-  zone "www.geo.debian.org" {
-    type master;
-    file "/etc/bind/geodns/db.www.debian.org.AS";
-    notify no;
-    allow-query { any; };
-    allow-transfer { };
-  };
-
-  zone "www.debian.org" {
-    type master;
-    file "/etc/bind/geodns/db.www.debian.org.AS";
-    notify no;
-    allow-query { any; };
-    allow-transfer { };
-  };
-
-  zone "packages.debian.org" {
-    type master;
-    file "/etc/bind/geodns/db.packages.debian.org.AS";
-    notify no;
-    allow-query { any; };
-    allow-transfer { };
-  };
-
-};
-view "EU" {
-  match-clients { EU; };
-
-  zone "security.geo.debian.org" {
-    type master;
-    file "/etc/bind/geodns/db.security.debian.org.EU";
-    notify no;
-    allow-query { any; };
-    allow-transfer { };
-  };
-
-  zone "security.debian.org" {
-    type master;
-    file "/etc/bind/geodns/db.security.debian.org.EU";
-    notify no;
-    allow-query { any; };
-    allow-transfer { };
-  };
-
-  zone "bugs.debian.org" {
-    type master;
-    file "/etc/bind/geodns/db.bugs.debian.org.EU";
-    notify no;
-    allow-query { any; };
-    allow-transfer { };
-  };
-
-  zone "www.geo.debian.org" {
-    type master;
-    file "/etc/bind/geodns/db.www.debian.org.EU";
-    notify no;
-    allow-query { any; };
-    allow-transfer { };
-  };
-
-  zone "www.debian.org" {
-    type master;
-    file "/etc/bind/geodns/db.www.debian.org.EU";
-    notify no;
-    allow-query { any; };
-    allow-transfer { };
-  };
-
-  zone "packages.debian.org" {
-    type master;
-    file "/etc/bind/geodns/db.packages.debian.org.EU";
-    notify no;
-    allow-query { any; };
-    allow-transfer { };
-  };
-
-};
-view "NA" {
-  match-clients { NA; };
-
-  zone "security.geo.debian.org" {
-    type master;
-    file "/etc/bind/geodns/db.security.debian.org.NA";
-    notify no;
-    allow-query { any; };
-    allow-transfer { };
-  };
-
-  zone "security.debian.org" {
-    type master;
-    file "/etc/bind/geodns/db.security.debian.org.NA";
-    notify no;
-    allow-query { any; };
-    allow-transfer { };
-  };
-
-  zone "bugs.debian.org" {
-    type master;
-    file "/etc/bind/geodns/db.bugs.debian.org.NA";
-    notify no;
-    allow-query { any; };
-    allow-transfer { };
-  };
-
-  zone "www.geo.debian.org" {
-    type master;
-    file "/etc/bind/geodns/db.www.debian.org.NA";
-    notify no;
-    allow-query { any; };
-    allow-transfer { };
-  };
-
-  zone "www.debian.org" {
-    type master;
-    file "/etc/bind/geodns/db.www.debian.org.NA";
-    notify no;
-    allow-query { any; };
-    allow-transfer { };
-  };
-
-  zone "packages.debian.org" {
-    type master;
-    file "/etc/bind/geodns/db.packages.debian.org.NA";
-    notify no;
-    allow-query { any; };
-    allow-transfer { };
-  };
-
-};
-view "OC" {
-  match-clients { OC; };
-
-  zone "security.geo.debian.org" {
-    type master;
-    file "/etc/bind/geodns/db.security.debian.org.OC";
-    notify no;
-    allow-query { any; };
-    allow-transfer { };
-  };
-
-  zone "security.debian.org" {
-    type master;
-    file "/etc/bind/geodns/db.security.debian.org.OC";
-    notify no;
-    allow-query { any; };
-    allow-transfer { };
-  };
-
-  zone "bugs.debian.org" {
-    type master;
-    file "/etc/bind/geodns/db.bugs.debian.org.OC";
-    notify no;
-    allow-query { any; };
-    allow-transfer { };
-  };
-
-  zone "www.geo.debian.org" {
-    type master;
-    file "/etc/bind/geodns/db.www.debian.org.OC";
-    notify no;
-    allow-query { any; };
-    allow-transfer { };
-  };
-
-  zone "www.debian.org" {
-    type master;
-    file "/etc/bind/geodns/db.www.debian.org.OC";
-    notify no;
-    allow-query { any; };
-    allow-transfer { };
-  };
-
-  zone "packages.debian.org" {
-    type master;
-    file "/etc/bind/geodns/db.packages.debian.org.OC";
-    notify no;
-    allow-query { any; };
-    allow-transfer { };
-  };
-
-};
-view "SA" {
-  match-clients { SA; };
-
-  zone "security.geo.debian.org" {
-    type master;
-    file "/etc/bind/geodns/db.security.debian.org.SA";
-    notify no;
-    allow-query { any; };
-    allow-transfer { };
-  };
-
-  zone "security.debian.org" {
-    type master;
-    file "/etc/bind/geodns/db.security.debian.org.SA";
-    notify no;
-    allow-query { any; };
-    allow-transfer { };
-  };
-
-  zone "bugs.debian.org" {
-    type master;
-    file "/etc/bind/geodns/db.bugs.debian.org.SA";
-    notify no;
-    allow-query { any; };
-    allow-transfer { };
-  };
-
-  zone "www.geo.debian.org" {
-    type master;
-    file "/etc/bind/geodns/db.www.debian.org.SA";
-    notify no;
-    allow-query { any; };
-    allow-transfer { };
-  };
-
-  zone "www.debian.org" {
-    type master;
-    file "/etc/bind/geodns/db.www.debian.org.SA";
-    notify no;
-    allow-query { any; };
-    allow-transfer { };
-  };
-
-  zone "packages.debian.org" {
-    type master;
-    file "/etc/bind/geodns/db.packages.debian.org.SA";
-    notify no;
-    allow-query { any; };
-    allow-transfer { };
-  };
-
-};
-view "default" {
-  match-clients { any; };
-
-  zone "security.geo.debian.org" {
-    type master;
-    file "/etc/bind/geodns/db.security.debian.org";
-    notify no;
-    allow-query { any; };
-    allow-transfer { };
-  };
-
-  zone "security.debian.org" {
-    type master;
-    file "/etc/bind/geodns/db.security.debian.org";
-    notify no;
-    allow-query { any; };
-    allow-transfer { };
-  };
-
-  zone "bugs.debian.org" {
-    type master;
-    file "/etc/bind/geodns/db.bugs.debian.org";
-    notify no;
-    allow-query { any; };
-    allow-transfer { };
-  };
-
-  zone "www.geo.debian.org" {
-    type master;
-    file "/etc/bind/geodns/db.www.debian.org";
-    notify no;
-    allow-query { any; };
-    allow-transfer { };
-  };
-
-  zone "www.debian.org" {
-    type master;
-    file "/etc/bind/geodns/db.www.debian.org";
-    notify no;
-    allow-query { any; };
-    allow-transfer { };
-  };
-
-  zone "packages.debian.org" {
-    type master;
-    file "/etc/bind/geodns/db.packages.debian.org";
-    notify no;
-    allow-query { any; };
-    allow-transfer { };
-  };
-
-};
diff --git a/modules/geodns/files/common/named.conf.local b/modules/geodns/files/common/named.conf.local
deleted file mode 100644 (file)
index 5397f6d..0000000
+++ /dev/null
@@ -1,7 +0,0 @@
-//
-// THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE.
-// USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
-//
-
-include "/etc/bind/named.conf.acl";
-include "/etc/bind/geodns/named.conf.geo";
diff --git a/modules/geodns/files/common/named.conf.options b/modules/geodns/files/common/named.conf.options
deleted file mode 100644 (file)
index 1a87200..0000000
+++ /dev/null
@@ -1,42 +0,0 @@
-//
-// THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE.
-// USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
-//
-
-options {
-        directory "/var/cache/bind";
-
-        // If there is a firewall between you and nameservers you want
-        // to talk to, you may need to fix the firewall to allow multiple
-        // ports to talk.  See http://www.kb.cert.org/vuls/id/800113
-
-        // If your ISP provided one or more IP addresses for stable 
-        // nameservers, you probably want to use them as forwarders.  
-        // Uncomment the following block, and insert the addresses replacing 
-        // the all-0's placeholder.
-
-        // forwarders {
-        //      0.0.0.0;
-        // };
-
-        auth-nxdomain no;    # conform to RFC1035
-        listen-on-v6 { any; };
-        allow-query { any; };
-        allow-update { none; };
-        allow-transfer { none; };
-        allow-recursion { Nagios; };
-};
-
-logging {
-
-       channel queries {
-               file "/var/log/bind9/geoip-query.log" versions 4 size 40m;
-               print-time yes;
-               print-category yes;
-       };
-       category queries { queries; };
-       category lame-servers { null; };
-
-};
-
-
diff --git a/modules/geodns/files/common/recvconf b/modules/geodns/files/common/recvconf
deleted file mode 100755 (executable)
index dd9b575..0000000
+++ /dev/null
@@ -1,217 +0,0 @@
-#!/bin/bash
-
-#
-# THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE.
-# USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
-#
-
-set -e
-set -u
-
-## Copyright (c) 2005 David B. Harris <dbharris@eelf.ddts.net>
-## Copyright (c) 2005,2009 Peter Palfrader <peter@palfrader.org>
-
-## This text is released under the "three-clause BSD license".
-## The full text of the license is available at the end of this file.
-
-if [ "$#" != 1 ]; then
-       echo "Usage: $0 <recvconf.files>" >&2
-       exit 1
-fi
-
-FILELIST="$1"
-
-printf "\nrecvconf on %s processing:\n" "$(hostname -s)"
-
-umask 077
-
-temptar="$(mktemp)"
-chmod 0600 "$temptar"
-
-tempscript="$(mktemp)"
-chmod 0600 "$tempscript"
-
-tempdir="$(mktemp -d)"
-
-# Read tarball from STDIN
-gzip -dc > "$temptar"
-
-cd "$tempdir"
-tar xf "$temptar"
-
-copy_and_runcommands() {
-
-    local file perms user group precommand postcommand
-    file="$1"; perms="$2"; user="$3"; group="$4"; precommand="$5"; postcommand="$6"
-
-    if [ -f "$file" ]; then
-       if [ -h "$file" ]; then # File should NOT be a symlink
-           printf "\`%s' is a symlink, aborting.\n" "$file" >&2
-           return 1
-       fi
-
-       if ! [ "$file" -nt "/$file" ]; then
-           rm -f "$file"
-           return 0
-       fi
-
-       if [ -n "$precommand" ]; then
-           printf "Running precommand \`%s' for %s\n" "$precommand" "$file" >&2
-           eval -- $precommand >&2
-       fi
-
-       if [ -n "$perms" ]; then
-           chmod -- "$perms" "$file"
-       else
-           printf "Warning, no perms defined for \`%s', assuming 0640.\n" "$file" >&2
-           chmod 0640 "$file"
-       fi
-       if [ -n "$user" ]; then
-           chown -- "$user" "$file"
-       else
-           printf "Warning, no user defined for \`%s', assuming root.\n" "$file" >&2
-           chown root "$file"
-       fi
-       if [ -n "$group" ]; then
-           chgrp -- "$group" "$file"
-       else
-           printf "Warning, no group defined for \`%s', assuming root.\n" "$file" >&2
-           chgrp root "$file"
-       fi
-
-       if [ ! -d "/$(dirname "$file")" ]; then
-           printf "Directory \`%s' does not exist, aborting.\n" "$(dirname "$file")" >&2
-           exit 1
-       fi
-
-       cp -a -- "$file" "/$(dirname "$file")" >&2
-       ls -l "/$(dirname "$file")/$(basename "$file")" >&2
-
-       if [ -n "$postcommand" ]; then
-           if ! grep -F -- "$postcommand" "$tempscript" > /dev/null 2>&1; then
-               printf "%s\n" "$postcommand" >> "$tempscript"
-           fi
-       fi
-
-       rm -f -- "$file"
-    fi
-}
-
-IN=0
-linenum=0
-file=""
-nextfile=""
-
-clear_vars() {
-       perms=""; user=""; group=""; precommand=""; postcommand=""
-}
-clear_vars
-
-while read line; do
-    linenum="$(($linenum + 1))"
-
-    if printf "%s\n" "$line" | grep -E '^[[:space:]]*$' > /dev/null 2>&1; then
-       ## This line is an empty line; skip it
-       continue
-    elif printf "%s" "$line" | grep -E '^[[:space:]]*#' > /dev/null 2>&1; then
-       ## This line is a comment; skip it
-       continue
-    fi
-
-    ## IN=0, so we're out of a stanza: better get a file declaration next
-    if [ "$IN" = "0" ] && ! printf "%s" "$line" | grep -E '^[[:space:]]*file[[:space:]]' > /dev/null 2>&1; then
-       printf "Error on line %s, file declaration expected. Got\n\t%s\n" "$linenum" "$line" >&2
-       exit 1
-    elif [ "$IN" = 0 ] && printf "%s" "$line" | grep -E '^[[:space:]]*file[[:space:]]' > /dev/null 2>&1; then
-       ## Okay, we're just starting out; set $file and move on
-       file="$(printf "%s" "$line" | sed -e 's/[[:space:]]*file[[:space:]]\+\([^[:space:]#]*\).*/\1/')"
-       IN=1
-       continue
-    elif [ "$IN" = 1 ] && printf "%s" "$line" | grep -E '^[[:space:]]*file[[:space:]]' > /dev/null 2>&1; then
-       ## Okay, not only are we at a file declaration, but this isn't our first one. Run the commands to process
-       ## the file, then set a $file to the new value and continue parsing.
-       [ -n "$file" ] && copy_and_runcommands "$file" "$perms" "$user" "$group" "$precommand" "$postcommand"
-       file="$(printf "%s" "$line" | sed -e 's/[[:space:]]*file[[:space:]]\+\([^[:space:]#]*\).*/\1/')"
-       clear_vars
-       continue
-    fi
-
-    ## The last two if blocks weren't processed; thus this isn't a comment, a blank line, and we're in the middle of a stanza
-    if printf "%s" "$line" | grep -E '^[[:space:]]*perms[[:space:]]' > /dev/null 2>&1; then
-       perms="$(printf "%s" "$line" | sed -e 's/[[:space:]]*perms[[:space:]]\+\([^[:space:]#]*\).*/\1/')"
-       continue
-    elif printf "%s" "$line" | grep -E '^[[:space:]]*user[[:space:]]' > /dev/null 2>&1; then
-       user="$(printf "%s" "$line" | sed -e 's/[[:space:]]*user[[:space:]]\+\([^[:space:]#]*\).*/\1/')"
-       continue
-    elif printf "%s" "$line" | grep -E '^[[:space:]]*group[[:space:]]' > /dev/null 2>&1; then
-       group="$(printf "%s" "$line" | sed -e 's/[[:space:]]*group[[:space:]]\+\([^[:space:]#]*\).*/\1/')"
-       continue
-    elif printf "%s" "$line" | grep -E '^[[:space:]]*precommand[[:space:]]' > /dev/null 2>&1; then
-       precommand="$(printf "%s" "$line" | sed -e 's/[[:space:]]*precommand[[:space:]]\+\([^[:space:]#]*\)/\1/')"
-       continue
-    elif printf "%s" "$line" | grep -E '^[[:space:]]*postcommand[[:space:]]' > /dev/null 2>&1; then
-       postcommand="$(printf "%s" "$line" | sed -e 's/[[:space:]]*postcommand[[:space:]]\+\([^[:space:]#]*\)/\1/')"
-       continue
-    else
-       printf "Unknown token at line %s:\n\t%s\n" "$linenum" "$line"
-    fi
-
-done < "$FILELIST"
-
-## This is the last stanza and the above loop has set the variables, but hasn't yet processed the file
-[ -n "$file" ] && copy_and_runcommands "$file" "$perms" "$user" "$group" "$precommand" "$postcommand"
-
-if [ -s "$tempscript" ]; then
-    tempoutput="$(mktemp)"
-    ## Post-copying commands to be run, run them here. Only display output if they exit with $? > 0
-    while read command; do
-       printf "Running postcommand \`%s' on %s.\n" "$command" "$(hostname -s)" >&2
-       if ! eval -- "(cd / && env -i $command)" > "$tempoutput" 2>&1; then
-           printf "Error, postcommand \`%s' on %s failed. Output follows:\n" "$command" "$(hostname -s)" >&2
-           cat -- "$tempoutput" >&2
-           exit 1
-       fi
-    done < "$tempscript"
-    rm -f -- "$tempoutput"
-fi
-
-# Check for any leftover files here; if there are any, exit with an error and print the list
-if [ ! -z "$(find . -type f)" ]; then
-    printf "The following files were not listed in $FILELIST:\n%s\n" "$(find . -type f)" >&2
-    exit 1
-fi
-
-rm -f -- "$temptar"
-rm -f -- "$tempscript"
-cd
-rm -rf -- "$tempdir"
-
-printf "recvconf on %s finished.\n" "$(hostname -s)"
-
-## Redistribution and use in source and binary forms, with or without
-## modification, are permitted provided that the following conditions are
-## met:
-## 
-##     * Redistributions of source code must retain the above copyright
-## notice, this list of conditions and the following disclaimer.
-## 
-##     * Redistributions in binary form must reproduce the above
-## copyright notice, this list of conditions and the following disclaimer
-## in the documentation and/or other materials provided with the
-## distribution.
-## 
-##     * Neither the names of the copyright owners nor the names of its
-## contributors may be used to endorse or promote products derived from
-## this software without specific prior written permission.
-## 
-## THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-## "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-## LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-## A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-## OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-## SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-## LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-## DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-## THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-## (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-## OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --git a/modules/geodns/files/common/recvconf.files b/modules/geodns/files/common/recvconf.files
deleted file mode 100644 (file)
index 9c6667b..0000000
+++ /dev/null
@@ -1,197 +0,0 @@
-# This file was created by dsa-geodomains/zonebuilder --create-recvconf-conf
-# and is distributed to hosts using puppet as
-# dsa-puppet/modules/geodns/files/common/recvconf.files
-# you probably do not want to edit it manually wherever you find it
-
-file etc/bind/geodns/db.bugs.debian.org.AN
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail bugs.debian.org etc/bind/geodns/db.bugs.debian.org.AN
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.bugs.debian.org.SA
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail bugs.debian.org etc/bind/geodns/db.bugs.debian.org.SA
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.bugs.debian.org.OC
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail bugs.debian.org etc/bind/geodns/db.bugs.debian.org.OC
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.bugs.debian.org.AS
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail bugs.debian.org etc/bind/geodns/db.bugs.debian.org.AS
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.bugs.debian.org.AF
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail bugs.debian.org etc/bind/geodns/db.bugs.debian.org.AF
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.bugs.debian.org
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail bugs.debian.org etc/bind/geodns/db.bugs.debian.org
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.bugs.debian.org.EU
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail bugs.debian.org etc/bind/geodns/db.bugs.debian.org.EU
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.bugs.debian.org.NA
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail bugs.debian.org etc/bind/geodns/db.bugs.debian.org.NA
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.packages.debian.org.AN
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail packages.debian.org etc/bind/geodns/db.packages.debian.org.AN
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.packages.debian.org.SA
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail packages.debian.org etc/bind/geodns/db.packages.debian.org.SA
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.packages.debian.org.OC
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail packages.debian.org etc/bind/geodns/db.packages.debian.org.OC
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.packages.debian.org.AS
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail packages.debian.org etc/bind/geodns/db.packages.debian.org.AS
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.packages.debian.org.AF
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail packages.debian.org etc/bind/geodns/db.packages.debian.org.AF
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.packages.debian.org
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail packages.debian.org etc/bind/geodns/db.packages.debian.org
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.packages.debian.org.EU
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail packages.debian.org etc/bind/geodns/db.packages.debian.org.EU
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.packages.debian.org.NA
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail packages.debian.org etc/bind/geodns/db.packages.debian.org.NA
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.security.debian.org.AN
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail security.debian.org etc/bind/geodns/db.security.debian.org.AN
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.security.debian.org.SA
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail security.debian.org etc/bind/geodns/db.security.debian.org.SA
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.security.debian.org.OC
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail security.debian.org etc/bind/geodns/db.security.debian.org.OC
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.security.debian.org.AS
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail security.debian.org etc/bind/geodns/db.security.debian.org.AS
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.security.debian.org.AF
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail security.debian.org etc/bind/geodns/db.security.debian.org.AF
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.security.debian.org
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail security.debian.org etc/bind/geodns/db.security.debian.org
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.security.debian.org.EU
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail security.debian.org etc/bind/geodns/db.security.debian.org.EU
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.security.debian.org.NA
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail security.debian.org etc/bind/geodns/db.security.debian.org.NA
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.www.debian.org.AN
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail www.debian.org etc/bind/geodns/db.www.debian.org.AN
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.www.debian.org.SA
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail www.debian.org etc/bind/geodns/db.www.debian.org.SA
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.www.debian.org.OC
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail www.debian.org etc/bind/geodns/db.www.debian.org.OC
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.www.debian.org.AS
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail www.debian.org etc/bind/geodns/db.www.debian.org.AS
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.www.debian.org.AF
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail www.debian.org etc/bind/geodns/db.www.debian.org.AF
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.www.debian.org
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail www.debian.org etc/bind/geodns/db.www.debian.org
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.www.debian.org.EU
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail www.debian.org etc/bind/geodns/db.www.debian.org.EU
-    postcommand sudo /etc/init.d/bind9 reload
-file etc/bind/geodns/db.www.debian.org.NA
-    perms 0644
-    user geodnssync
-    group geodnssync
-    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail www.debian.org etc/bind/geodns/db.www.debian.org.NA
-    postcommand sudo /etc/init.d/bind9 reload
diff --git a/modules/geodns/manifests/init.pp b/modules/geodns/manifests/init.pp
deleted file mode 100644 (file)
index 9df3713..0000000
+++ /dev/null
@@ -1,98 +0,0 @@
-class geodns {
-        include munin-node::bind
-
-        package {
-                bind9: ensure => installed;
-        }
-
-        file {
-                "/etc/apt/sources.list.d/geoip.list":
-                        content => template("debian-org/etc/apt/sources.list.d/geoip.list.erb"),
-                        notify  => Exec["apt-get update"],
-                        ;
-                "/etc/bind/named.conf.local":
-                        source  => [ "puppet:///geodns/per-host/$fqdn/named.conf.local",
-                                     "puppet:///geodns/common/named.conf.local" ],
-                        require => Package["bind9"],
-                        notify  => Exec["bind9 restart"],
-                        owner   => root,
-                        group   => root,
-                        ;
-                "/etc/bind/named.conf.acl":
-                        source  => [ "puppet:///geodns/per-host/$fqdn/named.conf.acl",
-                                     "puppet:///geodns/common/named.conf.acl" ],
-                        require => Package["bind9"],
-                        notify  => Exec["bind9 restart"],
-                        owner   => root,
-                        group   => root,
-                        ;
-                "/etc/bind/named.conf.options":
-                        source  => [ "puppet:///geodns/per-host/$fqdn/named.conf.options",
-                                     "puppet:///geodns/common/named.conf.options" ],
-                        require => Package["bind9"],
-                        notify  => Exec["bind9 restart"],
-                        owner   => root,
-                        group   => root,
-                        ;
-
-                "/etc/bind/geodns":
-                        ensure  => directory,
-                        owner   => root,
-                        group   => geodnssync,
-                        mode    => 775,
-                        ;
-                "/etc/bind/geodns/named.conf.geo":
-                        source  => [ "puppet:///geodns/per-host/$fqdn/named.conf.geo",
-                                     "puppet:///geodns/common/named.conf.geo" ],
-                        require => Package["bind9"],
-                        notify  => Exec["bind9 restart"],
-                        owner   => root,
-                        group   => root,
-                        ;
-                "/etc/bind/geodns/recvconf":
-                        source  => [ "puppet:///geodns/per-host/$fqdn/recvconf",
-                                     "puppet:///geodns/common/recvconf" ],
-                        owner   => root,
-                        group   => root,
-                        mode    => 555,
-                        ;
-                "/etc/bind/geodns/recvconf.files":
-                        source  => [ "puppet:///geodns/per-host/$fqdn/recvconf.files",
-                                     "puppet:///geodns/common/recvconf.files" ],
-                        owner   => root,
-                        group   => root,
-                        mode    => 444,
-                        ;
-
-                "/usr/share/GeoIP/GeoIPv6.dat":
-                        source  => [ "puppet:///geodns/per-host/$fqdn/GeoIPv6.dat",
-                                     "puppet:///geodns/common/GeoIPv6.dat" ],
-                        owner   => root,
-                        group   => root,
-                        mode    => 444,
-                        ;
-
-                "/etc/ssh/userkeys/geodnssync":
-                        source  => [ "puppet:///geodns/per-host/$fqdn/authorized_keys",
-                                     "puppet:///geodns/common/authorized_keys" ],
-                        owner   => root,
-                        group   => geodnssync,
-                        mode    => 440,
-                        ;
-                "/var/log/bind9":
-                        ensure  => directory,
-                        owner   => bind,
-                        group   => bind,
-                        mode    => 775,
-                        ;
-        }
-
-        exec {
-                "bind9 restart":
-                        path        => "/etc/init.d:/usr/bin:/usr/sbin:/bin:/sbin",
-                        refreshonly => true,
-                        ;
-        }
-}
-
-# vim: set fdm=marker ts=8 sw=8 et:
diff --git a/modules/named-secondary/files/common/named.conf.debian-zones b/modules/named-secondary/files/common/named.conf.debian-zones
deleted file mode 100644 (file)
index a7874dd..0000000
+++ /dev/null
@@ -1,168 +0,0 @@
-//
-// THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE.
-// USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
-//
-
-// Slave domains, includ in bind.conf
-
-// NOT USED YET - SYNC UP WITH dsa-misc/config/bind/ before enabling finally
-
-zone "debian.org" {
-       type slave;
-       notify no;
-       file "db.debian.org";
-       masters {
-               82.195.75.106; // draghi
-               2001:41b8:202:deb:216:36ff:fe40:3906; //draghi
-       };
-       allow-query { any; };
-       allow-transfer { };
-};
-
-zone "debian.net" {
-       type slave;
-       notify no;
-       file "db.debian.net";
-       masters {
-               82.195.75.106; // draghi
-               2001:41b8:202:deb:216:36ff:fe40:3906; //draghi
-       };
-       allow-query { any; };
-       allow-transfer { };
-};
-
-zone "mirror.debian.net" {
-       type slave;
-       notify no;
-       file "db.mirror.debian.net";
-       masters {
-               82.195.75.106; // draghi
-               2001:41b8:202:deb:216:36ff:fe40:3906; //draghi
-       };
-       allow-query { any; };
-       allow-transfer { };
-};
-
-zone "rbl.debian.net" {
-       type slave;
-       notify no;
-       file "db.rbl.debian.net";
-       masters {
-               82.195.75.106; // draghi
-               2001:41b8:202:deb:216:36ff:fe40:3906; //draghi
-       };
-       allow-query { any; };
-       allow-transfer { };
-};
-
-zone "debian.com" {
-       type slave;
-       notify no;
-       file "db.debian.com";
-       masters {
-               82.195.75.106; // draghi
-               2001:41b8:202:deb:216:36ff:fe40:3906; //draghi
-       };
-       allow-query { any; };
-       allow-transfer { };
-};
-
-zone "alioth.debian.org" {
-       type slave;
-       notify no;
-       file "db.alioth.debian.org";
-       masters {
-               217.196.43.134;
-       };
-       allow-query { any; };
-       allow-transfer { };
-};
-
-
-// debian rack with sil.at
-zone "144-28.118.59.86.in-addr.arpa" {
-       type slave;
-       notify no;
-       file "db.86.59.118.144";
-       masters {
-               82.195.75.106; // draghi
-               2001:41b8:202:deb:216:36ff:fe40:3906; //draghi
-       };
-       allow-query { any; };
-       allow-transfer { };
-};
-zone "2.0.0.0.2.0.0.0.8.5.8.0.1.0.0.2.ip6.arpa" {
-       type slave;
-       notify no;
-       file "db.2001:0858:0002:0002";
-       masters {
-               82.195.75.106; // draghi
-               2001:41b8:202:deb:216:36ff:fe40:3906; //draghi
-       };
-       allow-query { any; };
-       allow-transfer { };
-};
-
-// ipv6 at 1&1 - powell: 2001:08d8:0081:1520::/60
-zone "2.5.1.1.8.0.0.8.d.8.0.1.0.0.2.ip6.arpa" {
-       type slave;
-       notify no;
-       file "db.2001:08d8:0081:1520";
-       masters {
-               82.195.75.106; // draghi
-               2001:41b8:202:deb:216:36ff:fe40:3906; //draghi
-       };
-       allow-query { any; };
-       allow-transfer { };
-};
-// ipv6 at 1&1 - puccini 2001:08d8:0081:15a0::/60
-zone "a.5.1.1.8.0.0.8.d.8.0.1.0.0.2.ip6.arpa" {
-       type slave;
-       notify no;
-       file "db.2001:08d8:0081:15a0";
-       masters {
-               82.195.75.106; // draghi
-               2001:41b8:202:deb:216:36ff:fe40:3906; //draghi
-       };
-       allow-query { any; };
-       allow-transfer { };
-};
-// ipv6 at 1&1 - wieck and schumann
-zone "2.6.a.0.4.6.5.6.1.0.0.0.2.0.0.0.8.d.8.0.1.0.0.2.ip6.arpa" {
-       type slave;
-       notify no;
-       file "db.2001:8d8:2:1:6564:0a62";
-       masters {
-               82.195.75.106; // draghi
-               2001:41b8:202:deb:216:36ff:fe40:3906; //draghi
-       };
-       allow-query { any; };
-       allow-transfer { };
-};
-
-// ipv6 at xs4all - klecker 2001:888:2000:12::/64
-zone "2.1.0.0.0.0.0.2.8.8.8.0.1.0.0.2.ip6.arpa" {
-       type slave;
-       notify no;
-       file "db.2001:888:2000:12";
-       masters {
-               82.195.75.106; // draghi
-               2001:41b8:202:deb:216:36ff:fe40:3906; //draghi
-       };
-       allow-query { any; };
-       allow-transfer { };
-};
-
-// 19.12.206.in-addr.arpa zone - reverse zone for 206.12.19/24 - debian at UBC/ECE
-zone "19.12.206.in-addr.arpa" {
-       type slave;
-       notify no;
-       file "db.206.12.19";
-       masters {
-               82.195.75.106; // draghi
-               2001:41b8:202:deb:216:36ff:fe40:3906; //draghi
-       };
-       allow-query { any; };
-       allow-transfer { };
-};
-// vim:set syn=named:
diff --git a/modules/named-secondary/manifests/init.pp b/modules/named-secondary/manifests/init.pp
deleted file mode 100644 (file)
index 8c61c50..0000000
+++ /dev/null
@@ -1,13 +0,0 @@
-class named-secondary {
-    file { "/etc/bind/named.conf.debian-zones":
-        source  => [ "puppet:///named-secondary/per-host/$fqdn/named.conf.debian-zones",
-                     "puppet:///named-secondary/common/named.conf.debian-zones" ],
-        notify  => Exec["bind9 reload"],
-    }
-
-    exec { "bind9 reload":
-        path        => "/etc/init.d:/usr/bin:/usr/sbin:/bin:/sbin",
-        refreshonly => true,
-    }
-}
-
diff --git a/modules/named/files/common/GeoIPv6.dat b/modules/named/files/common/GeoIPv6.dat
new file mode 100644 (file)
index 0000000..b425e60
Binary files /dev/null and b/modules/named/files/common/GeoIPv6.dat differ
diff --git a/modules/named/files/common/authorized_keys b/modules/named/files/common/authorized_keys
new file mode 100644 (file)
index 0000000..646c710
--- /dev/null
@@ -0,0 +1,6 @@
+#
+# THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE.
+# USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
+#
+from="82.195.75.106,2001:41b8:202:deb:216:36ff:fe40:3906",command="/etc/bind/geodns/recvconf /etc/bind/geodns/recvconf.files",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA2cJCkmggW6TD0UPJP9lelDno8qbYGXPeYE4+QmkqJv8mslcHxmx5tA2TvpJ9qbAUMPOdZf9ihomwPmFzz9UNZH4eDA8F126UUP5DXsh7FC7yVGSBUNdJdYS7m2wtVs8ddhrVdI+8c39D7NVGGjtUCJCWA/3fE65O183Gm+vER65SYR6LfHlEiC2FBROs6qwnjQ0yw194MnU7Jxl/GsTdZ72ArkmcPjuWsVHWtkSTt0hPfgBOyL4vSfBgl2p2eQBXCEPOaPTa1Yr5qfur1+Cj+iwadEmPfRap6rBO3wfIjbXt/KncM2uFrCXuF1TOqQxrs5LSe8dz16vf9Ckf9Ae5wQ== geodnssync@draghi (20090527)
+from="91.103.132.25,2001:4b10:100b::dead:f00d",command="/etc/bind/geodns/recvconf /etc/bind/geodns/recvconf.files",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEApBLc4ZoGTtXDJ1UhgA7NEPdwqibg5BSXZfKPgfM9wn0mZooAlYzVYwNfe08UmDwrGkSjeNphmzpiDFQA27WGLCgAw8SIjunojWKvJwJcDwx2W4OPLByZaVg/wcEivC2h0+xlRc9jFqKL5cOsTnKBuD4nC7r8qnNcWxyeEEJGP4PVb2zgrGhf8UK3bAqYPuQp0pBFo4EPdorxsgThshEWg9eqB94ph7s+YXoccoWh4NlH2TaO9QdjtsWCId6uhfpcrxjhwKRkqdjofKiOhBB3vqHE+Cpe95nKHZAP5JDgqFH/L+pzyOiRqfTeYh2ivaEBl6m5F7C/QlDBOFrOZkEtXQ== geodnssync key for sgran
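Review bot: Neither key line in this new authorized_keys file carries `no-user-rc`, so sshd would still run a `~/.ssh/rc` for the geodnssync account before the forced `recvconf` command, if such a file exists. Whether that account can write to its own home directory is not visible in this hunk, so this is hardening rather than a confirmed gap: append `,no-user-rc` after `no-pty` on both lines. The existing `from=`, `command=` and `no-*-forwarding` restrictions are otherwise the right shape for a sync-only key. The second key's comment (`geodnssync key for sgran`) also lacks the issue date that the first one records as `(20090527)`; adding one in the same form makes later rotation audits easier.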
diff --git a/modules/named/files/common/named.conf.acl b/modules/named/files/common/named.conf.acl
new file mode 100644 (file)
index 0000000..f04c9b8
--- /dev/null
@@ -0,0 +1,282 @@
+//
+// THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE.
+// USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
+//
+
+acl Nagios {
+       192.25.206.33/32;
+};
+
+// Africa
+acl AF {
+       country_AO;
+       country_BF;
+       country_BI;
+       country_BJ;
+       country_BW;
+       country_CD;
+       country_CF;
+       country_CG;
+       country_CI;
+       country_CM;
+       country_CV;
+       country_DJ;
+       country_DZ;
+       country_EG;
+       country_EH;
+       country_ER;
+       country_ET;
+       country_GA;
+       country_GH;
+       country_GM;
+       country_GN;
+       country_GQ;
+       country_GW;
+       country_KE;
+       country_KM;
+       country_LR;
+       country_LS;
+       country_LY;
+       country_MA;
+       country_MG;
+       country_ML;
+       country_MR;
+       country_MU;
+       country_MW;
+       country_MZ;
+       country_NA;
+       country_NE;
+       country_NG;
+       country_RE;
+       country_RW;
+       country_SC;
+       country_SD;
+       country_SH;
+       country_SL;
+       country_SN;
+       country_SO;
+       country_ST;
+       country_SZ;
+       country_TD;
+       country_TG;
+       country_TN;
+       country_TZ;
+       country_UG;
+       country_YT;
+       country_ZA;
+       country_ZM;
+       country_ZW;
+};
+
+// Asia
+acl AS {
+       country_AE;
+       country_AF;
+       country_AM;
+       country_AZ;
+       country_BD;
+       country_BH;
+       country_BN;
+       country_BT;
+       country_CC;
+       country_CN;
+       country_CX;
+       country_CY;
+       country_GE;
+       country_HK;
+       country_ID;
+       country_IL;
+       country_IN;
+       country_IO;
+       country_IQ;
+       country_IR;
+       country_JO;
+       country_JP;
+       country_KG;
+       country_KH;
+       country_KP;
+       country_KR;
+       country_KW;
+       country_KZ;
+       country_LA;
+       country_LB;
+       country_LK;
+       country_MM;
+       country_MN;
+       country_MO;
+       country_MV;
+       country_MY;
+       country_NP;
+       country_OM;
+       country_PH;
+       country_PK;
+       country_PS;
+       country_QA;
+       country_SA;
+       country_SG;
+       country_SY;
+       country_TH;
+       country_TJ;
+       country_TL;
+       country_TM;
+       country_TW;
+       country_UZ;
+       country_VN;
+       country_YE;
+};
+
+// Europe
+acl EU {
+       country_AD;
+       country_AL;
+       country_AT;
+       country_AX;
+       country_BA;
+       country_BE;
+       country_BG;
+       country_BY;
+       country_CH;
+       country_CZ;
+       country_DE;
+       country_DK;
+       country_EE;
+       country_ES;
+       country_FI;
+       country_FO;
+       country_FR;
+       country_GB;
+       country_GG;
+       country_GI;
+       country_GR;
+       country_HR;
+       country_HU;
+       country_IE;
+       country_IM;
+       country_IS;
+       country_IT;
+       country_JE;
+       country_LI;
+       country_LT;
+       country_LU;
+       country_LV;
+       country_MC;
+       country_MD;
+       country_ME;
+       country_MK;
+       country_MT;
+       country_NL;
+       country_NO;
+       country_PL;
+       country_PT;
+       country_RO;
+       country_RS;
+       country_RU;
+       country_SE;
+       country_SI;
+       country_SJ;
+       country_SK;
+       country_SM;
+       country_TR;
+       country_UA;
+       country_VA;
+};
+
+// North America
+acl NA {
+       country_AG;
+       country_AI;
+       country_AN;
+       country_AW;
+       country_BB;
+       country_BL;
+       country_BM;
+       country_BS;
+       country_BZ;
+       country_CA;
+       country_CR;
+       country_CU;
+       country_DM;
+       country_DO;
+       country_GD;
+       country_GL;
+       country_GP;
+       country_GT;
+       country_HN;
+       country_HT;
+       country_JM;
+       country_KN;
+       country_KY;
+       country_LC;
+       country_MF;
+       country_MQ;
+       country_MS;
+       country_MX;
+       country_NI;
+       country_PA;
+       country_PM;
+       country_PR;
+       country_SV;
+       country_TC;
+       country_TT;
+       country_US;
+       country_VC;
+       country_VG;
+       country_VI;
+};
+
+// South America
+acl SA {
+       country_AR;
+       country_BO;
+       country_BR;
+       country_CL;
+       country_CO;
+       country_EC;
+       country_FK;
+       country_GF;
+       country_GY;
+       country_PE;
+       country_PY;
+       country_SR;
+       country_UY;
+       country_VE;
+};
+
+// Oceania
+acl OC {
+       country_AS;
+       country_AU;
+       country_CK;
+       country_FJ;
+       country_FM;
+       country_GU;
+       country_KI;
+       country_MH;
+       country_MP;
+       country_NC;
+       country_NF;
+       country_NR;
+       country_NU;
+       country_NZ;
+       country_PF;
+       country_PG;
+       country_PN;
+       country_PW;
+       country_SB;
+       country_TK;
+       country_TO;
+       country_TV;
+       country_UM;
+       country_VU;
+       country_WF;
+       country_WS;
+};
+
+// Antarctica
+acl AN {
+       country_AQ;
+       country_BV;
+       country_GS;
+       country_HM;
+       country_TF;
+};
diff --git a/modules/named/files/common/named.conf.debian-zones b/modules/named/files/common/named.conf.debian-zones
new file mode 100644 (file)
index 0000000..a7874dd
--- /dev/null
@@ -0,0 +1,168 @@
+//
+// THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE.
+// USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
+//
+
+// Slave domains, includ in bind.conf
+
+// NOT USED YET - SYNC UP WITH dsa-misc/config/bind/ before enabling finally
+
+zone "debian.org" {
+       type slave;
+       notify no;
+       file "db.debian.org";
+       masters {
+               82.195.75.106; // draghi
+               2001:41b8:202:deb:216:36ff:fe40:3906; //draghi
+       };
+       allow-query { any; };
+       allow-transfer { };
+};
+
+zone "debian.net" {
+       type slave;
+       notify no;
+       file "db.debian.net";
+       masters {
+               82.195.75.106; // draghi
+               2001:41b8:202:deb:216:36ff:fe40:3906; //draghi
+       };
+       allow-query { any; };
+       allow-transfer { };
+};
+
+zone "mirror.debian.net" {
+       type slave;
+       notify no;
+       file "db.mirror.debian.net";
+       masters {
+               82.195.75.106; // draghi
+               2001:41b8:202:deb:216:36ff:fe40:3906; //draghi
+       };
+       allow-query { any; };
+       allow-transfer { };
+};
+
+zone "rbl.debian.net" {
+       type slave;
+       notify no;
+       file "db.rbl.debian.net";
+       masters {
+               82.195.75.106; // draghi
+               2001:41b8:202:deb:216:36ff:fe40:3906; //draghi
+       };
+       allow-query { any; };
+       allow-transfer { };
+};
+
+zone "debian.com" {
+       type slave;
+       notify no;
+       file "db.debian.com";
+       masters {
+               82.195.75.106; // draghi
+               2001:41b8:202:deb:216:36ff:fe40:3906; //draghi
+       };
+       allow-query { any; };
+       allow-transfer { };
+};
+
+zone "alioth.debian.org" {
+       type slave;
+       notify no;
+       file "db.alioth.debian.org";
+       masters {
+               217.196.43.134;
+       };
+       allow-query { any; };
+       allow-transfer { };
+};
+
+
+// debian rack with sil.at
+zone "144-28.118.59.86.in-addr.arpa" {
+       type slave;
+       notify no;
+       file "db.86.59.118.144";
+       masters {
+               82.195.75.106; // draghi
+               2001:41b8:202:deb:216:36ff:fe40:3906; //draghi
+       };
+       allow-query { any; };
+       allow-transfer { };
+};
+zone "2.0.0.0.2.0.0.0.8.5.8.0.1.0.0.2.ip6.arpa" {
+       type slave;
+       notify no;
+       file "db.2001:0858:0002:0002";
+       masters {
+               82.195.75.106; // draghi
+               2001:41b8:202:deb:216:36ff:fe40:3906; //draghi
+       };
+       allow-query { any; };
+       allow-transfer { };
+};
+
+// ipv6 at 1&1 - powell: 2001:08d8:0081:1520::/60
+zone "2.5.1.1.8.0.0.8.d.8.0.1.0.0.2.ip6.arpa" {
+       type slave;
+       notify no;
+       file "db.2001:08d8:0081:1520";
+       masters {
+               82.195.75.106; // draghi
+               2001:41b8:202:deb:216:36ff:fe40:3906; //draghi
+       };
+       allow-query { any; };
+       allow-transfer { };
+};
+// ipv6 at 1&1 - puccini 2001:08d8:0081:15a0::/60
+zone "a.5.1.1.8.0.0.8.d.8.0.1.0.0.2.ip6.arpa" {
+       type slave;
+       notify no;
+       file "db.2001:08d8:0081:15a0";
+       masters {
+               82.195.75.106; // draghi
+               2001:41b8:202:deb:216:36ff:fe40:3906; //draghi
+       };
+       allow-query { any; };
+       allow-transfer { };
+};
+// ipv6 at 1&1 - wieck and schumann
+zone "2.6.a.0.4.6.5.6.1.0.0.0.2.0.0.0.8.d.8.0.1.0.0.2.ip6.arpa" {
+       type slave;
+       notify no;
+       file "db.2001:8d8:2:1:6564:0a62";
+       masters {
+               82.195.75.106; // draghi
+               2001:41b8:202:deb:216:36ff:fe40:3906; //draghi
+       };
+       allow-query { any; };
+       allow-transfer { };
+};
+
+// ipv6 at xs4all - klecker 2001:888:2000:12::/64
+zone "2.1.0.0.0.0.0.2.8.8.8.0.1.0.0.2.ip6.arpa" {
+       type slave;
+       notify no;
+       file "db.2001:888:2000:12";
+       masters {
+               82.195.75.106; // draghi
+               2001:41b8:202:deb:216:36ff:fe40:3906; //draghi
+       };
+       allow-query { any; };
+       allow-transfer { };
+};
+
+// 19.12.206.in-addr.arpa zone - reverse zone for 206.12.19/24 - debian at UBC/ECE
+zone "19.12.206.in-addr.arpa" {
+       type slave;
+       notify no;
+       file "db.206.12.19";
+       masters {
+               82.195.75.106; // draghi
+               2001:41b8:202:deb:216:36ff:fe40:3906; //draghi
+       };
+       allow-query { any; };
+       allow-transfer { };
+};
+// vim:set syn=named:
diff --git a/modules/named/files/common/named.conf.geo b/modules/named/files/common/named.conf.geo
new file mode 100644 (file)
index 0000000..13f6836
--- /dev/null
@@ -0,0 +1,421 @@
+// This file was created by dsa-geodomains/zonebuilder --create-named-conf
+// and is distributed to hosts using puppet as
+// dsa-puppet/modules/geodns/files/common/named.conf.geo
+// you probably do not want to edit it manually wherever you find it
+
+view "AF" {
+  match-clients { AF; };
+
+  zone "security.geo.debian.org" {
+    type master;
+    file "/etc/bind/geodns/db.security.debian.org.AF";
+    notify no;
+    allow-query { any; };
+    allow-transfer { };
+  };
+
+  zone "security.debian.org" {
+    type master;
+    file "/etc/bind/geodns/db.security.debian.org.AF";
+    notify no;
+    allow-query { any; };
+    allow-transfer { };
+  };
+
+  zone "bugs.debian.org" {
+    type master;
+    file "/etc/bind/geodns/db.bugs.debian.org.AF";
+    notify no;
+    allow-query { any; };
+    allow-transfer { };
+  };
+
+  zone "www.geo.debian.org" {
+    type master;
+    file "/etc/bind/geodns/db.www.debian.org.AF";
+    notify no;
+    allow-query { any; };
+    allow-transfer { };
+  };
+
+  zone "www.debian.org" {
+    type master;
+    file "/etc/bind/geodns/db.www.debian.org.AF";
+    notify no;
+    allow-query { any; };
+    allow-transfer { };
+  };
+
+  zone "packages.debian.org" {
+    type master;
+    file "/etc/bind/geodns/db.packages.debian.org.AF";
+    notify no;
+    allow-query { any; };
+    allow-transfer { };
+  };
+
+};
+view "AN" {
+  match-clients { AN; };
+
+  zone "security.geo.debian.org" {
+    type master;
+    file "/etc/bind/geodns/db.security.debian.org.AN";
+    notify no;
+    allow-query { any; };
+    allow-transfer { };
+  };
+
+  zone "security.debian.org" {
+    type master;
+    file "/etc/bind/geodns/db.security.debian.org.AN";
+    notify no;
+    allow-query { any; };
+    allow-transfer { };
+  };
+
+  zone "bugs.debian.org" {
+    type master;
+    file "/etc/bind/geodns/db.bugs.debian.org.AN";
+    notify no;
+    allow-query { any; };
+    allow-transfer { };
+  };
+
+  zone "www.geo.debian.org" {
+    type master;
+    file "/etc/bind/geodns/db.www.debian.org.AN";
+    notify no;
+    allow-query { any; };
+    allow-transfer { };
+  };
+
+  zone "www.debian.org" {
+    type master;
+    file "/etc/bind/geodns/db.www.debian.org.AN";
+    notify no;
+    allow-query { any; };
+    allow-transfer { };
+  };
+
+  zone "packages.debian.org" {
+    type master;
+    file "/etc/bind/geodns/db.packages.debian.org.AN";
+    notify no;
+    allow-query { any; };
+    allow-transfer { };
+  };
+
+};
+view "AS" {
+  match-clients { AS; };
+
+  zone "security.geo.debian.org" {
+    type master;
+    file "/etc/bind/geodns/db.security.debian.org.AS";
+    notify no;
+    allow-query { any; };
+    allow-transfer { };
+  };
+
+  zone "security.debian.org" {
+    type master;
+    file "/etc/bind/geodns/db.security.debian.org.AS";
+    notify no;
+    allow-query { any; };
+    allow-transfer { };
+  };
+
+  zone "bugs.debian.org" {
+    type master;
+    file "/etc/bind/geodns/db.bugs.debian.org.AS";
+    notify no;
+    allow-query { any; };
+    allow-transfer { };
+  };
+
+  zone "www.geo.debian.org" {
+    type master;
+    file "/etc/bind/geodns/db.www.debian.org.AS";
+    notify no;
+    allow-query { any; };
+    allow-transfer { };
+  };
+
+  zone "www.debian.org" {
+    type master;
+    file "/etc/bind/geodns/db.www.debian.org.AS";
+    notify no;
+    allow-query { any; };
+    allow-transfer { };
+  };
+
+  zone "packages.debian.org" {
+    type master;
+    file "/etc/bind/geodns/db.packages.debian.org.AS";
+    notify no;
+    allow-query { any; };
+    allow-transfer { };
+  };
+
+};
+view "EU" {
+  match-clients { EU; };
+
+  zone "security.geo.debian.org" {
+    type master;
+    file "/etc/bind/geodns/db.security.debian.org.EU";
+    notify no;
+    allow-query { any; };
+    allow-transfer { };
+  };
+
+  zone "security.debian.org" {
+    type master;
+    file "/etc/bind/geodns/db.security.debian.org.EU";
+    notify no;
+    allow-query { any; };
+    allow-transfer { };
+  };
+
+  zone "bugs.debian.org" {
+    type master;
+    file "/etc/bind/geodns/db.bugs.debian.org.EU";
+    notify no;
+    allow-query { any; };
+    allow-transfer { };
+  };
+
+  zone "www.geo.debian.org" {
+    type master;
+    file "/etc/bind/geodns/db.www.debian.org.EU";
+    notify no;
+    allow-query { any; };
+    allow-transfer { };
+  };
+
+  zone "www.debian.org" {
+    type master;
+    file "/etc/bind/geodns/db.www.debian.org.EU";
+    notify no;
+    allow-query { any; };
+    allow-transfer { };
+  };
+
+  zone "packages.debian.org" {
+    type master;
+    file "/etc/bind/geodns/db.packages.debian.org.EU";
+    notify no;
+    allow-query { any; };
+    allow-transfer { };
+  };
+
+};
+view "NA" {
+  match-clients { NA; };
+
+  zone "security.geo.debian.org" {
+    type master;
+    file "/etc/bind/geodns/db.security.debian.org.NA";
+    notify no;
+    allow-query { any; };
+    allow-transfer { };
+  };
+
+  zone "security.debian.org" {
+    type master;
+    file "/etc/bind/geodns/db.security.debian.org.NA";
+    notify no;
+    allow-query { any; };
+    allow-transfer { };
+  };
+
+  zone "bugs.debian.org" {
+    type master;
+    file "/etc/bind/geodns/db.bugs.debian.org.NA";
+    notify no;
+    allow-query { any; };
+    allow-transfer { };
+  };
+
+  zone "www.geo.debian.org" {
+    type master;
+    file "/etc/bind/geodns/db.www.debian.org.NA";
+    notify no;
+    allow-query { any; };
+    allow-transfer { };
+  };
+
+  zone "www.debian.org" {
+    type master;
+    file "/etc/bind/geodns/db.www.debian.org.NA";
+    notify no;
+    allow-query { any; };
+    allow-transfer { };
+  };
+
+  zone "packages.debian.org" {
+    type master;
+    file "/etc/bind/geodns/db.packages.debian.org.NA";
+    notify no;
+    allow-query { any; };
+    allow-transfer { };
+  };
+
+};
+view "OC" {
+  match-clients { OC; };
+
+  zone "security.geo.debian.org" {
+    type master;
+    file "/etc/bind/geodns/db.security.debian.org.OC";
+    notify no;
+    allow-query { any; };
+    allow-transfer { };
+  };
+
+  zone "security.debian.org" {
+    type master;
+    file "/etc/bind/geodns/db.security.debian.org.OC";
+    notify no;
+    allow-query { any; };
+    allow-transfer { };
+  };
+
+  zone "bugs.debian.org" {
+    type master;
+    file "/etc/bind/geodns/db.bugs.debian.org.OC";
+    notify no;
+    allow-query { any; };
+    allow-transfer { };
+  };
+
+  zone "www.geo.debian.org" {
+    type master;
+    file "/etc/bind/geodns/db.www.debian.org.OC";
+    notify no;
+    allow-query { any; };
+    allow-transfer { };
+  };
+
+  zone "www.debian.org" {
+    type master;
+    file "/etc/bind/geodns/db.www.debian.org.OC";
+    notify no;
+    allow-query { any; };
+    allow-transfer { };
+  };
+
+  zone "packages.debian.org" {
+    type master;
+    file "/etc/bind/geodns/db.packages.debian.org.OC";
+    notify no;
+    allow-query { any; };
+    allow-transfer { };
+  };
+
+};
+view "SA" {
+  match-clients { SA; };
+
+  zone "security.geo.debian.org" {
+    type master;
+    file "/etc/bind/geodns/db.security.debian.org.SA";
+    notify no;
+    allow-query { any; };
+    allow-transfer { };
+  };
+
+  zone "security.debian.org" {
+    type master;
+    file "/etc/bind/geodns/db.security.debian.org.SA";
+    notify no;
+    allow-query { any; };
+    allow-transfer { };
+  };
+
+  zone "bugs.debian.org" {
+    type master;
+    file "/etc/bind/geodns/db.bugs.debian.org.SA";
+    notify no;
+    allow-query { any; };
+    allow-transfer { };
+  };
+
+  zone "www.geo.debian.org" {
+    type master;
+    file "/etc/bind/geodns/db.www.debian.org.SA";
+    notify no;
+    allow-query { any; };
+    allow-transfer { };
+  };
+
+  zone "www.debian.org" {
+    type master;
+    file "/etc/bind/geodns/db.www.debian.org.SA";
+    notify no;
+    allow-query { any; };
+    allow-transfer { };
+  };
+
+  zone "packages.debian.org" {
+    type master;
+    file "/etc/bind/geodns/db.packages.debian.org.SA";
+    notify no;
+    allow-query { any; };
+    allow-transfer { };
+  };
+
+};
+view "default" {
+  match-clients { any; };
+
+  zone "security.geo.debian.org" {
+    type master;
+    file "/etc/bind/geodns/db.security.debian.org";
+    notify no;
+    allow-query { any; };
+    allow-transfer { };
+  };
+
+  zone "security.debian.org" {
+    type master;
+    file "/etc/bind/geodns/db.security.debian.org";
+    notify no;
+    allow-query { any; };
+    allow-transfer { };
+  };
+
+  zone "bugs.debian.org" {
+    type master;
+    file "/etc/bind/geodns/db.bugs.debian.org";
+    notify no;
+    allow-query { any; };
+    allow-transfer { };
+  };
+
+  zone "www.geo.debian.org" {
+    type master;
+    file "/etc/bind/geodns/db.www.debian.org";
+    notify no;
+    allow-query { any; };
+    allow-transfer { };
+  };
+
+  zone "www.debian.org" {
+    type master;
+    file "/etc/bind/geodns/db.www.debian.org";
+    notify no;
+    allow-query { any; };
+    allow-transfer { };
+  };
+
+  zone "packages.debian.org" {
+    type master;
+    file "/etc/bind/geodns/db.packages.debian.org";
+    notify no;
+    allow-query { any; };
+    allow-transfer { };
+  };
+
+};
diff --git a/modules/named/files/common/named.conf.local b/modules/named/files/common/named.conf.local
new file mode 100644 (file)
index 0000000..5397f6d
--- /dev/null
@@ -0,0 +1,7 @@
+//
+// THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE.
+// USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
+//
+
+include "/etc/bind/named.conf.acl";
+include "/etc/bind/geodns/named.conf.geo";
diff --git a/modules/named/files/common/named.conf.options b/modules/named/files/common/named.conf.options
new file mode 100644 (file)
index 0000000..1a87200
--- /dev/null
@@ -0,0 +1,42 @@
+//
+// THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE.
+// USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
+//
+
+options {
+        directory "/var/cache/bind";
+
+        // If there is a firewall between you and nameservers you want
+        // to talk to, you may need to fix the firewall to allow multiple
+        // ports to talk.  See http://www.kb.cert.org/vuls/id/800113
+
+        // If your ISP provided one or more IP addresses for stable 
+        // nameservers, you probably want to use them as forwarders.  
+        // Uncomment the following block, and insert the addresses replacing 
+        // the all-0's placeholder.
+
+        // forwarders {
+        //      0.0.0.0;
+        // };
+
+        auth-nxdomain no;    # conform to RFC1035
+        listen-on-v6 { any; };
+        allow-query { any; };
+        allow-update { none; };
+        allow-transfer { none; };
+        allow-recursion { Nagios; };
+};
+
+logging {
+
+       channel queries {
+               file "/var/log/bind9/geoip-query.log" versions 4 size 40m;
+               print-time yes;
+               print-category yes;
+       };
+       category queries { queries; };
+       category lame-servers { null; };
+
+};
+
+
diff --git a/modules/named/files/common/recvconf b/modules/named/files/common/recvconf
new file mode 100755 (executable)
index 0000000..dd9b575
--- /dev/null
@@ -0,0 +1,217 @@
+#!/bin/bash
+
+#
+# THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE.
+# USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
+#
+
+set -e
+set -u
+
+## Copyright (c) 2005 David B. Harris <dbharris@eelf.ddts.net>
+## Copyright (c) 2005,2009 Peter Palfrader <peter@palfrader.org>
+
+## This text is released under the "three-clause BSD license".
+## The full text of the license is available at the end of this file.
+
+if [ "$#" != 1 ]; then
+       echo "Usage: $0 <recvconf.files>" >&2
+       exit 1
+fi
+
+FILELIST="$1"
+
+printf "\nrecvconf on %s processing:\n" "$(hostname -s)"
+
+umask 077
+
+temptar="$(mktemp)"
+chmod 0600 "$temptar"
+
+tempscript="$(mktemp)"
+chmod 0600 "$tempscript"
+
+tempdir="$(mktemp -d)"
+
+# Read tarball from STDIN
+gzip -dc > "$temptar"
+
+cd "$tempdir"
+tar xf "$temptar"
+
+copy_and_runcommands() {
+
+    local file perms user group precommand postcommand
+    file="$1"; perms="$2"; user="$3"; group="$4"; precommand="$5"; postcommand="$6"
+
+    if [ -f "$file" ]; then
+       if [ -h "$file" ]; then # File should NOT be a symlink
+           printf "\`%s' is a symlink, aborting.\n" "$file" >&2
+           return 1
+       fi
+
+       if ! [ "$file" -nt "/$file" ]; then
+           rm -f "$file"
+           return 0
+       fi
+
+       if [ -n "$precommand" ]; then
+           printf "Running precommand \`%s' for %s\n" "$precommand" "$file" >&2
+           eval -- $precommand >&2
+       fi
+
+       if [ -n "$perms" ]; then
+           chmod -- "$perms" "$file"
+       else
+           printf "Warning, no perms defined for \`%s', assuming 0640.\n" "$file" >&2
+           chmod 0640 "$file"
+       fi
+       if [ -n "$user" ]; then
+           chown -- "$user" "$file"
+       else
+           printf "Warning, no user defined for \`%s', assuming root.\n" "$file" >&2
+           chown root "$file"
+       fi
+       if [ -n "$group" ]; then
+           chgrp -- "$group" "$file"
+       else
+           printf "Warning, no group defined for \`%s', assuming root.\n" "$file" >&2
+           chgrp root "$file"
+       fi
+
+       if [ ! -d "/$(dirname "$file")" ]; then
+           printf "Directory \`%s' does not exist, aborting.\n" "$(dirname "$file")" >&2
+           exit 1
+       fi
+
+       cp -a -- "$file" "/$(dirname "$file")" >&2
+       ls -l "/$(dirname "$file")/$(basename "$file")" >&2
+
+       if [ -n "$postcommand" ]; then
+           if ! grep -F -- "$postcommand" "$tempscript" > /dev/null 2>&1; then
+               printf "%s\n" "$postcommand" >> "$tempscript"
+           fi
+       fi
+
+       rm -f -- "$file"
+    fi
+}
+
+IN=0
+linenum=0
+file=""
+nextfile=""
+
+clear_vars() {
+       perms=""; user=""; group=""; precommand=""; postcommand=""
+}
+clear_vars
+
+while read line; do
+    linenum="$(($linenum + 1))"
+
+    if printf "%s\n" "$line" | grep -E '^[[:space:]]*$' > /dev/null 2>&1; then
+       ## This line is an empty line; skip it
+       continue
+    elif printf "%s" "$line" | grep -E '^[[:space:]]*#' > /dev/null 2>&1; then
+       ## This line is a comment; skip it
+       continue
+    fi
+
+    ## IN=0, so we're out of a stanza: better get a file declaration next
+    if [ "$IN" = "0" ] && ! printf "%s" "$line" | grep -E '^[[:space:]]*file[[:space:]]' > /dev/null 2>&1; then
+       printf "Error on line %s, file declaration expected. Got\n\t%s\n" "$linenum" "$line" >&2
+       exit 1
+    elif [ "$IN" = 0 ] && printf "%s" "$line" | grep -E '^[[:space:]]*file[[:space:]]' > /dev/null 2>&1; then
+       ## Okay, we're just starting out; set $file and move on
+       file="$(printf "%s" "$line" | sed -e 's/[[:space:]]*file[[:space:]]\+\([^[:space:]#]*\).*/\1/')"
+       IN=1
+       continue
+    elif [ "$IN" = 1 ] && printf "%s" "$line" | grep -E '^[[:space:]]*file[[:space:]]' > /dev/null 2>&1; then
+       ## Okay, not only are we at a file declaration, but this isn't our first one. Run the commands to process
+       ## the file, then set a $file to the new value and continue parsing.
+       [ -n "$file" ] && copy_and_runcommands "$file" "$perms" "$user" "$group" "$precommand" "$postcommand"
+       file="$(printf "%s" "$line" | sed -e 's/[[:space:]]*file[[:space:]]\+\([^[:space:]#]*\).*/\1/')"
+       clear_vars
+       continue
+    fi
+
+    ## The last two if blocks weren't processed; thus this isn't a comment, a blank line, and we're in the middle of a stanza
+    if printf "%s" "$line" | grep -E '^[[:space:]]*perms[[:space:]]' > /dev/null 2>&1; then
+       perms="$(printf "%s" "$line" | sed -e 's/[[:space:]]*perms[[:space:]]\+\([^[:space:]#]*\).*/\1/')"
+       continue
+    elif printf "%s" "$line" | grep -E '^[[:space:]]*user[[:space:]]' > /dev/null 2>&1; then
+       user="$(printf "%s" "$line" | sed -e 's/[[:space:]]*user[[:space:]]\+\([^[:space:]#]*\).*/\1/')"
+       continue
+    elif printf "%s" "$line" | grep -E '^[[:space:]]*group[[:space:]]' > /dev/null 2>&1; then
+       group="$(printf "%s" "$line" | sed -e 's/[[:space:]]*group[[:space:]]\+\([^[:space:]#]*\).*/\1/')"
+       continue
+    elif printf "%s" "$line" | grep -E '^[[:space:]]*precommand[[:space:]]' > /dev/null 2>&1; then
+       precommand="$(printf "%s" "$line" | sed -e 's/[[:space:]]*precommand[[:space:]]\+\([^[:space:]#]*\)/\1/')"
+       continue
+    elif printf "%s" "$line" | grep -E '^[[:space:]]*postcommand[[:space:]]' > /dev/null 2>&1; then
+       postcommand="$(printf "%s" "$line" | sed -e 's/[[:space:]]*postcommand[[:space:]]\+\([^[:space:]#]*\)/\1/')"
+       continue
+    else
+       printf "Unknown token at line %s:\n\t%s\n" "$linenum" "$line"
+    fi
+
+done < "$FILELIST"
+
+## This is the last stanza and the above loop has set the variables, but hasn't yet processed the file
+[ -n "$file" ] && copy_and_runcommands "$file" "$perms" "$user" "$group" "$precommand" "$postcommand"
+
+if [ -s "$tempscript" ]; then
+    tempoutput="$(mktemp)"
+    ## Post-copying commands to be run, run them here. Only display output if they exit with $? > 0
+    while read command; do
+       printf "Running postcommand \`%s' on %s.\n" "$command" "$(hostname -s)" >&2
+       if ! eval -- "(cd / && env -i $command)" > "$tempoutput" 2>&1; then
+           printf "Error, postcommand \`%s' on %s failed. Output follows:\n" "$command" "$(hostname -s)" >&2
+           cat -- "$tempoutput" >&2
+           exit 1
+       fi
+    done < "$tempscript"
+    rm -f -- "$tempoutput"
+fi
+
+# Check for any leftover files here; if there are any, exit with an error and print the list
+if [ ! -z "$(find . -type f)" ]; then
+    printf "The following files were not listed in $FILELIST:\n%s\n" "$(find . -type f)" >&2
+    exit 1
+fi
+
+rm -f -- "$temptar"
+rm -f -- "$tempscript"
+cd
+rm -rf -- "$tempdir"
+
+printf "recvconf on %s finished.\n" "$(hostname -s)"
+
+## Redistribution and use in source and binary forms, with or without
+## modification, are permitted provided that the following conditions are
+## met:
+## 
+##     * Redistributions of source code must retain the above copyright
+## notice, this list of conditions and the following disclaimer.
+## 
+##     * Redistributions in binary form must reproduce the above
+## copyright notice, this list of conditions and the following disclaimer
+## in the documentation and/or other materials provided with the
+## distribution.
+## 
+##     * Neither the names of the copyright owners nor the names of its
+## contributors may be used to endorse or promote products derived from
+## this software without specific prior written permission.
+## 
+## THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+## "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+## LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+## A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+## OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+## SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+## LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+## DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+## THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+## (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+## OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
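Review bot: Archive members are never validated after `tar xf "$temptar"`: the `-h` test in copy_and_runcommands only checks the final path component, and the leftover check near the end uses `find . -type f`, which does not report symlinks or other non-regular members. If a directory component of a listed path arrived as a symlink, the later `chmod`/`chown`/`cp -a`/`rm -f` on `"$file"` would resolve outside `$tempdir`. The tarball is read from stdin and its sender is not visible in this hunk, so I would reject such archives right after extraction, e.g. `if [ -n "$(find . ! -type f ! -type d)" ]; then printf 'archive contains non-regular members, aborting\n' >&2; exit 1; fi`. Separately, `eval -- $precommand` is unquoted, so the value is word-split and glob-expanded before it is evaluated; `eval -- "$precommand"` avoids that and matches how the postcommand string is passed to `eval`.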
diff --git a/modules/named/files/common/recvconf.files b/modules/named/files/common/recvconf.files
new file mode 100644 (file)
index 0000000..9c6667b
--- /dev/null
@@ -0,0 +1,197 @@
+# This file was created by dsa-geodomains/zonebuilder --create-recvconf-conf
+# and is distributed to hosts using puppet as
+# dsa-puppet/modules/geodns/files/common/recvconf.files
+# you probably do not want to edit it manually wherever you find it
+
+file etc/bind/geodns/db.bugs.debian.org.AN
+    perms 0644
+    user geodnssync
+    group geodnssync
+    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail bugs.debian.org etc/bind/geodns/db.bugs.debian.org.AN
+    postcommand sudo /etc/init.d/bind9 reload
+file etc/bind/geodns/db.bugs.debian.org.SA
+    perms 0644
+    user geodnssync
+    group geodnssync
+    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail bugs.debian.org etc/bind/geodns/db.bugs.debian.org.SA
+    postcommand sudo /etc/init.d/bind9 reload
+file etc/bind/geodns/db.bugs.debian.org.OC
+    perms 0644
+    user geodnssync
+    group geodnssync
+    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail bugs.debian.org etc/bind/geodns/db.bugs.debian.org.OC
+    postcommand sudo /etc/init.d/bind9 reload
+file etc/bind/geodns/db.bugs.debian.org.AS
+    perms 0644
+    user geodnssync
+    group geodnssync
+    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail bugs.debian.org etc/bind/geodns/db.bugs.debian.org.AS
+    postcommand sudo /etc/init.d/bind9 reload
+file etc/bind/geodns/db.bugs.debian.org.AF
+    perms 0644
+    user geodnssync
+    group geodnssync
+    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail bugs.debian.org etc/bind/geodns/db.bugs.debian.org.AF
+    postcommand sudo /etc/init.d/bind9 reload
+file etc/bind/geodns/db.bugs.debian.org
+    perms 0644
+    user geodnssync
+    group geodnssync
+    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail bugs.debian.org etc/bind/geodns/db.bugs.debian.org
+    postcommand sudo /etc/init.d/bind9 reload
+file etc/bind/geodns/db.bugs.debian.org.EU
+    perms 0644
+    user geodnssync
+    group geodnssync
+    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail bugs.debian.org etc/bind/geodns/db.bugs.debian.org.EU
+    postcommand sudo /etc/init.d/bind9 reload
+file etc/bind/geodns/db.bugs.debian.org.NA
+    perms 0644
+    user geodnssync
+    group geodnssync
+    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail bugs.debian.org etc/bind/geodns/db.bugs.debian.org.NA
+    postcommand sudo /etc/init.d/bind9 reload
+file etc/bind/geodns/db.packages.debian.org.AN
+    perms 0644
+    user geodnssync
+    group geodnssync
+    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail packages.debian.org etc/bind/geodns/db.packages.debian.org.AN
+    postcommand sudo /etc/init.d/bind9 reload
+file etc/bind/geodns/db.packages.debian.org.SA
+    perms 0644
+    user geodnssync
+    group geodnssync
+    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail packages.debian.org etc/bind/geodns/db.packages.debian.org.SA
+    postcommand sudo /etc/init.d/bind9 reload
+file etc/bind/geodns/db.packages.debian.org.OC
+    perms 0644
+    user geodnssync
+    group geodnssync
+    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail packages.debian.org etc/bind/geodns/db.packages.debian.org.OC
+    postcommand sudo /etc/init.d/bind9 reload
+file etc/bind/geodns/db.packages.debian.org.AS
+    perms 0644
+    user geodnssync
+    group geodnssync
+    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail packages.debian.org etc/bind/geodns/db.packages.debian.org.AS
+    postcommand sudo /etc/init.d/bind9 reload
+file etc/bind/geodns/db.packages.debian.org.AF
+    perms 0644
+    user geodnssync
+    group geodnssync
+    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail packages.debian.org etc/bind/geodns/db.packages.debian.org.AF
+    postcommand sudo /etc/init.d/bind9 reload
+file etc/bind/geodns/db.packages.debian.org
+    perms 0644
+    user geodnssync
+    group geodnssync
+    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail packages.debian.org etc/bind/geodns/db.packages.debian.org
+    postcommand sudo /etc/init.d/bind9 reload
+file etc/bind/geodns/db.packages.debian.org.EU
+    perms 0644
+    user geodnssync
+    group geodnssync
+    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail packages.debian.org etc/bind/geodns/db.packages.debian.org.EU
+    postcommand sudo /etc/init.d/bind9 reload
+file etc/bind/geodns/db.packages.debian.org.NA
+    perms 0644
+    user geodnssync
+    group geodnssync
+    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail packages.debian.org etc/bind/geodns/db.packages.debian.org.NA
+    postcommand sudo /etc/init.d/bind9 reload
+file etc/bind/geodns/db.security.debian.org.AN
+    perms 0644
+    user geodnssync
+    group geodnssync
+    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail security.debian.org etc/bind/geodns/db.security.debian.org.AN
+    postcommand sudo /etc/init.d/bind9 reload
+file etc/bind/geodns/db.security.debian.org.SA
+    perms 0644
+    user geodnssync
+    group geodnssync
+    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail security.debian.org etc/bind/geodns/db.security.debian.org.SA
+    postcommand sudo /etc/init.d/bind9 reload
+file etc/bind/geodns/db.security.debian.org.OC
+    perms 0644
+    user geodnssync
+    group geodnssync
+    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail security.debian.org etc/bind/geodns/db.security.debian.org.OC
+    postcommand sudo /etc/init.d/bind9 reload
+file etc/bind/geodns/db.security.debian.org.AS
+    perms 0644
+    user geodnssync
+    group geodnssync
+    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail security.debian.org etc/bind/geodns/db.security.debian.org.AS
+    postcommand sudo /etc/init.d/bind9 reload
+file etc/bind/geodns/db.security.debian.org.AF
+    perms 0644
+    user geodnssync
+    group geodnssync
+    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail security.debian.org etc/bind/geodns/db.security.debian.org.AF
+    postcommand sudo /etc/init.d/bind9 reload
+file etc/bind/geodns/db.security.debian.org
+    perms 0644
+    user geodnssync
+    group geodnssync
+    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail security.debian.org etc/bind/geodns/db.security.debian.org
+    postcommand sudo /etc/init.d/bind9 reload
+file etc/bind/geodns/db.security.debian.org.EU
+    perms 0644
+    user geodnssync
+    group geodnssync
+    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail security.debian.org etc/bind/geodns/db.security.debian.org.EU
+    postcommand sudo /etc/init.d/bind9 reload
+file etc/bind/geodns/db.security.debian.org.NA
+    perms 0644
+    user geodnssync
+    group geodnssync
+    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail security.debian.org etc/bind/geodns/db.security.debian.org.NA
+    postcommand sudo /etc/init.d/bind9 reload
+file etc/bind/geodns/db.www.debian.org.AN
+    perms 0644
+    user geodnssync
+    group geodnssync
+    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail www.debian.org etc/bind/geodns/db.www.debian.org.AN
+    postcommand sudo /etc/init.d/bind9 reload
+file etc/bind/geodns/db.www.debian.org.SA
+    perms 0644
+    user geodnssync
+    group geodnssync
+    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail www.debian.org etc/bind/geodns/db.www.debian.org.SA
+    postcommand sudo /etc/init.d/bind9 reload
+file etc/bind/geodns/db.www.debian.org.OC
+    perms 0644
+    user geodnssync
+    group geodnssync
+    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail www.debian.org etc/bind/geodns/db.www.debian.org.OC
+    postcommand sudo /etc/init.d/bind9 reload
+file etc/bind/geodns/db.www.debian.org.AS
+    perms 0644
+    user geodnssync
+    group geodnssync
+    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail www.debian.org etc/bind/geodns/db.www.debian.org.AS
+    postcommand sudo /etc/init.d/bind9 reload
+file etc/bind/geodns/db.www.debian.org.AF
+    perms 0644
+    user geodnssync
+    group geodnssync
+    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail www.debian.org etc/bind/geodns/db.www.debian.org.AF
+    postcommand sudo /etc/init.d/bind9 reload
+file etc/bind/geodns/db.www.debian.org
+    perms 0644
+    user geodnssync
+    group geodnssync
+    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail www.debian.org etc/bind/geodns/db.www.debian.org
+    postcommand sudo /etc/init.d/bind9 reload
+file etc/bind/geodns/db.www.debian.org.EU
+    perms 0644
+    user geodnssync
+    group geodnssync
+    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail www.debian.org etc/bind/geodns/db.www.debian.org.EU
+    postcommand sudo /etc/init.d/bind9 reload
+file etc/bind/geodns/db.www.debian.org.NA
+    perms 0644
+    user geodnssync
+    group geodnssync
+    precommand /usr/sbin/named-checkzone -q -k fail -n fail -S fail -i full -m fail -M fail www.debian.org etc/bind/geodns/db.www.debian.org.NA
+    postcommand sudo /etc/init.d/bind9 reload
diff --git a/modules/named/manifests/geodns.pp b/modules/named/manifests/geodns.pp
new file mode 100644 (file)
index 0000000..e9ef8ef
--- /dev/null
@@ -0,0 +1,85 @@
+class named::geodns inherits named {
+        file {
+                "/etc/apt/sources.list.d/geoip.list":
+                        content => template("debian-org/etc/apt/sources.list.d/geoip.list.erb"),
+                        notify  => Exec["apt-get update"],
+                        ;
+                "/etc/bind/named.conf.local":
+                        source  => [ "puppet:///geodns/per-host/$fqdn/named.conf.local",
+                                     "puppet:///geodns/common/named.conf.local" ],
+                        require => Package["bind9"],
+                        notify  => Exec["bind9 restart"],
+                        owner   => root,
+                        group   => root,
+                        ;
+                "/etc/bind/named.conf.acl":
+                        source  => [ "puppet:///geodns/per-host/$fqdn/named.conf.acl",
+                                     "puppet:///geodns/common/named.conf.acl" ],
+                        require => Package["bind9"],
+                        notify  => Exec["bind9 restart"],
+                        owner   => root,
+                        group   => root,
+                        ;
+                "/etc/bind/named.conf.options":
+                        source  => [ "puppet:///geodns/per-host/$fqdn/named.conf.options",
+                                     "puppet:///geodns/common/named.conf.options" ],
+                        require => Package["bind9"],
+                        notify  => Exec["bind9 restart"],
+                        owner   => root,
+                        group   => root,
+                        ;
+
+                "/etc/bind/geodns":
+                        ensure  => directory,
+                        owner   => root,
+                        group   => geodnssync,
+                        mode    => 775,
+                        ;
+                "/etc/bind/geodns/named.conf.geo":
+                        source  => [ "puppet:///geodns/per-host/$fqdn/named.conf.geo",
+                                     "puppet:///geodns/common/named.conf.geo" ],
+                        require => Package["bind9"],
+                        notify  => Exec["bind9 restart"],
+                        owner   => root,
+                        group   => root,
+                        ;
+                "/etc/bind/geodns/recvconf":
+                        source  => [ "puppet:///geodns/per-host/$fqdn/recvconf",
+                                     "puppet:///geodns/common/recvconf" ],
+                        owner   => root,
+                        group   => root,
+                        mode    => 555,
+                        ;
+                "/etc/bind/geodns/recvconf.files":
+                        source  => [ "puppet:///geodns/per-host/$fqdn/recvconf.files",
+                                     "puppet:///geodns/common/recvconf.files" ],
+                        owner   => root,
+                        group   => root,
+                        mode    => 444,
+                        ;
+
+                "/usr/share/GeoIP/GeoIPv6.dat":
+                        source  => [ "puppet:///geodns/per-host/$fqdn/GeoIPv6.dat",
+                                     "puppet:///geodns/common/GeoIPv6.dat" ],
+                        owner   => root,
+                        group   => root,
+                        mode    => 444,
+                        ;
+
+                "/etc/ssh/userkeys/geodnssync":
+                        source  => [ "puppet:///geodns/per-host/$fqdn/authorized_keys",
+                                     "puppet:///geodns/common/authorized_keys" ],
+                        owner   => root,
+                        group   => geodnssync,
+                        mode    => 440,
+                        ;
+                "/var/log/bind9":
+                        ensure  => directory,
+                        owner   => bind,
+                        group   => bind,
+                        mode    => 775,
+                        ;
+        }
+}
+
+# vim: set fdm=marker ts=8 sw=8 et:
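Review bot: Every `source` in this class still points at `puppet:///geodns/...`, but this commit deletes `modules/geodns/files/common/*` and recreates those files under `modules/named/files/common/`. Unless a `geodns` fileserver mount is defined somewhere outside this diff, the lookups will fail and `named.conf.acl`, `named.conf.options` and the `geodnssync` authorized_keys will no longer be managed. The URLs should follow the move, e.g. `source => [ "puppet:///named/per-host/$fqdn/named.conf.acl", "puppet:///named/common/named.conf.acl" ],`. Separately, `/etc/bind/geodns` is `root:geodnssync` with mode 775 and also holds the root-owned `recvconf` and `named.conf.geo`; write access to the directory lets that group rename or replace those files whatever their own mode is. Consider a group-writable subdirectory for the synced `db.*` zone files only, with the script and the BIND config in a directory only root can write.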
diff --git a/modules/named/manifests/init.pp b/modules/named/manifests/init.pp
new file mode 100644 (file)
index 0000000..0c75aeb
--- /dev/null
@@ -0,0 +1,22 @@
+class named {
+        include munin-node::bind
+
+        package {
+                bind9: ensure => installed;
+        }
+
+        exec {
+                "bind9 restart":
+                        path        => "/etc/init.d:/usr/bin:/usr/sbin:/bin:/sbin",
+                        refreshonly => true,
+                        ;
+        }
+        exec {
+                "bind9 reload":
+                        path        => "/etc/init.d:/usr/bin:/usr/sbin:/bin:/sbin",
+                        refreshonly => true,
+                        ;
+        }
+}
+
+# vim: set fdm=marker ts=8 sw=8 et:
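Review bot: Neither `exec` sets a `command`, so Puppet runs the resource title, and `bind9 restart` / `bind9 reload` only resolve because `/etc/init.d` is in `path`. An explicit command is easier to read and does not depend on path search: `command => "/etc/init.d/bind9 restart",` and `command => "/etc/init.d/bind9 reload",`. It may also be worth running `named-checkconf` before the restart, since the subclasses notify this exec after replacing `named.conf.*` files and a syntax error would stop the name server from coming back up. I cannot tell from this hunk whether that is validated elsewhere.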
diff --git a/modules/named/manifests/secondary.pp b/modules/named/manifests/secondary.pp
new file mode 100644 (file)
index 0000000..9209aa7
--- /dev/null
@@ -0,0 +1,8 @@
+class named::secondary inherits named {
+#    file { "/etc/bind/named.conf.debian-zones":
+#        source  => [ "puppet:///named-secondary/per-host/$fqdn/named.conf.debian-zones",
+#                     "puppet:///named-secondary/common/named.conf.debian-zones" ],
+#        notify  => Exec["bind9 reload"],
+#    }
+}
+
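Review bot: `named::secondary` has only a commented-out body, so this class installs nothing, even though the commit adds `named.conf.debian-zones` under `modules/named/files/common/`. The commented `source` lines still name the removed `named-secondary` module; when the resource is re-enabled they should read `"puppet:///named/per-host/$fqdn/named.conf.debian-zones"` and `"puppet:///named/common/named.conf.debian-zones"`. A short comment above the block saying why it is disabled would help the next reader. The `site.pp` remark about waiting for a host upgrade may be the reason, but that is not stated here.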