From: Luca Filipozzi
Date: Sat, 8 Mar 2014 21:34:44 +0000 (+0000)
Subject: use easydns-generated tsig key since need key name to match
X-Git-Url: https://git.donarmstrong.com/?p=dsa-puppet.git;a=commitdiff_plain;h=442aca53e90777515bf6ede3cb4294f924c9cf0f
use easydns-generated tsig key since need key name to match
---
diff --git a/modules/named/templates/named.conf.puppet-shared-keys.erb b/modules/named/templates/named.conf.puppet-shared-keys.erb
index c9e68368..33afad60 100644
--- a/modules/named/templates/named.conf.puppet-shared-keys.erb
+++ b/modules/named/templates/named.conf.puppet-shared-keys.erb
@@ -18,19 +18,21 @@ lines = []
 pairs.each do |pair|
 next unless pair.include?(fqdn)
 pair.sort!
- keyname = "tsig-#{pair.join('-')}"
 pair.delete(fqdn)
 other = pair[0]
 if other == 'xfr0.easydns.com'
 remote_ip = ['64.68.200.91']
 algorithm = "hmac-md5";
+ keyname = "82.195.75.91-key"
+ key = "VoIkCnR5DaI3QP3xtmdCYg=="
 else
 remote_ip = scope.lookupvar('site::allnodeinfo')[other]['ipHostNumber']
 algorithm = "hmac-sha256";
+ keyname = "tsig-#{pair.join('-')}"
+ key = scope.function_hkdf(['/etc/puppet/secret', "puppet-key-#{keyname}"])
 end
- key = scope.function_hkdf(['/etc/puppet/secret', "puppet-key-#{keyname}"])
 lines << "key #{keyname} { algorithm #{algorithm}; secret \"#{key}\"; };"
 remote_ip.each do |r|
 lines << "server #{r} { keys { #{keyname}; }; };"
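Review bot: The added `key = "VoIkCnR5DaI3QP3xtmdCYg=="` in the `xfr0.easydns.com` branch commits a TSIG shared secret to the repository in clear text, so anyone who can read the repository or a mirror of it can read the key, while the `else` branch keeps deriving its secret from `/etc/puppet/secret` through `function_hkdf` and stores nothing in git. I would load the easydns value from a file kept beside that secret instead, for example `key = File.read('<PATH_TO_EASYDNS_TSIG_SECRET>').strip` (placeholder path), and have the key reissued by the provider, since this value is now part of the history. The same branch stays on `algorithm = "hmac-md5";` (a context line, not changed here); if the provider offers an HMAC-SHA2 TSIG algorithm, the reissue would be the moment to switch. The `pairs.each` block continues past the end of the hunk.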