From: Martin Zobel-Helas Date: Sun, 22 Sep 2013 12:58:35 +0000 (+0200) Subject: remove unger X-Git-Url: https://git.donarmstrong.com/?p=dsa-puppet.git;a=commitdiff_plain;h=381d9623ff6d4118b6e94981c7acb9e03c2544b3 remove unger Signed-off-by: Martin Zobel-Helas --- diff --git a/modules/debian-org/misc/local.yaml b/modules/debian-org/misc/local.yaml index edfa9be1..06ae2895 100644 --- a/modules/debian-org/misc/local.yaml +++ b/modules/debian-org/misc/local.yaml @@ -131,7 +131,6 @@ nameinfo: tristano.debian.org: Gerardo Tristano (July 1st, 1955 - ongoing) tye.debian.org: Christopher Tye (c.1505 - 1573) ullmann.debian.org: Viktor Ullmann (January 1st, 1898 - October 17th, 1944) - unger.debian.org: Caroline Unger (October 28th, 1803 - March 23th, 1877) vento.debian.org: Ivo de Vento (1543/1545 - 1575) vieuxtemps.debian.org: Henri Vieuxtemps (February 17th, 1820 - June 6th, 1881) vitry.debian.org: Philippe de Vitry (October 31st, 1291 - June 9th, 1361) @@ -227,7 +226,6 @@ host_settings: - cilea.debian.org - rautavaara.debian.org - scelsi.debian.org - - unger.debian.org - vitry.debian.org # dead/not running - berlioz.debian.org diff --git a/modules/ferm/manifests/per-host.pp b/modules/ferm/manifests/per-host.pp index bb459e38..725fc6d2 100644 --- a/modules/ferm/manifests/per-host.pp +++ b/modules/ferm/manifests/per-host.pp @@ -116,22 +116,6 @@ class ferm::per-host { rule => '&TCP_UDP_SERVICE(5080)' } } - unger: { - @ferm::rule { 'dsa-notrack-dns-diamond-in': - domain => 'ip', - description => 'NOTRACK for nameserver traffic', - table => 'raw', - chain => 'PREROUTING', - rule => 'destination 82.195.75.108 proto (tcp udp) dport 53 jump NOTRACK' - } - @ferm::rule { 'dsa-notrack-dns-diamond-out': - domain => 'ip', - description => 'NOTRACK for nameserver traffic', - table => 'raw', - chain => 'PREROUTING', - rule => 'source 82.195.75.108 proto (tcp udp) sport 53 jump NOTRACK' - } - } sonntag: { @ferm::rule { 'dsa-bugs-search': description => 'port 1978 for bugs-search from bug web frontends', diff --git a/modules/ferm/templates/defs.conf.erb b/modules/ferm/templates/defs.conf.erb index 8a6ece1e..f201061b 100644 --- a/modules/ferm/templates/defs.conf.erb +++ b/modules/ferm/templates/defs.conf.erb @@ -134,7 +134,3 @@ @def $FREEBSD_SSH_ACCESS = (); @def $FREEBSD_SSH_ACCESS = ($FREEBSD_SSH_ACCESS $DSA_IPS $BUILDD_SSH_ACCESS); @def $FREEBSD_SSH_ACCESS = ($FREEBSD_SSH_ACCESS $USER_christoph $USER_aurel32); # buildd admins -@def $UNGER_SSH_ACCESS = (); -@def $UNGER_SSH_ACCESS = ($UNGER_SSH_ACCESS $USER_joerg); -@def $UNGER_SSH6_ACCESS = (); -@def $UNGER_SSH6_ACCESS = ($UNGER_SSH6_ACCESS $USER_joerg6); diff --git a/modules/ferm/templates/me.conf.erb b/modules/ferm/templates/me.conf.erb index 3a726d64..fcd13013 100644 --- a/modules/ferm/templates/me.conf.erb +++ b/modules/ferm/templates/me.conf.erb @@ -35,10 +35,6 @@ if restrict_ssh.include?(hostname) then ssh4allowed << '$HOST_DEBIAN_V4' ssh6allowed << '$HOST_DEBIAN_V6' end - if %w{unger}.include?(hostname) then - ssh4allowed << '$UNGER_SSH_ACCESS' # Ganneff - ssh6allowed << '$UNGER_SSH6_ACCESS' # Ganneff, but more address space - end if %w{adayevskaya}.include?(hostname) then ssh4allowed << %w{$HOST_MAILRELAY_V4} diff --git a/modules/sudo/files/sudoers b/modules/sudo/files/sudoers index 42f27907..edab31ec 100644 --- a/modules/sudo/files/sudoers +++ b/modules/sudo/files/sudoers @@ -144,8 +144,6 @@ piupartss PIUPARTS_SLAVE_HOSTS=(ALL) NOPASSWD: ALL %dnsadm draghi,orff=(root) NOPASSWD: /etc/init.d/bind9 reload %dnsadm draghi,orff=(geodnssync) NOPASSWD: /usr/bin/make -C /srv/dns.debian.org/geo %adm draghi=(puppet) NOPASSWD: /usr/bin/make -s -C /srv/db.debian.org/var/gitnagios/dsa-nagios/config install -# remote power to babylon5 in the same rack: -joerg unger=(ALL) /usr/bin/sispmctl -t [12], /usr/bin/sispmctl -g [12] # wbadm can update all buildd* users' keys on buildd.d.o %wbadm BUILDD_MASTER=(wb-buildd) ALL %wbadm BUILDD_MASTER=(root) /usr/local/bin/update-buildd-sshkeys