From: Tollef Fog Heen Date: Sun, 15 Sep 2013 10:30:54 +0000 (+0200) Subject: Adjust puppet for wuiet being a buildd master X-Git-Url: https://git.donarmstrong.com/?p=dsa-puppet.git;a=commitdiff_plain;h=4b460293e35b6adceea7ef7d57e36daa9184294c Adjust puppet for wuiet being a buildd master --- diff --git a/modules/ferm/manifests/per-host.pp b/modules/ferm/manifests/per-host.pp index a6bf4413..3ff1615d 100644 --- a/modules/ferm/manifests/per-host.pp +++ b/modules/ferm/manifests/per-host.pp @@ -209,7 +209,7 @@ class ferm::per-host { rule => '&SERVICE_RANGE(tcp, 5452, ( 2607:f8f0:610:4000:216:36ff:fe40:3860/128 2001:41b8:202:deb:216:36ff:fe40:4001/128 2001:41c8:1000:21::21:14/128 2001:41c8:1000:21::21:11/32 ))' } } - grieg: { + grieg,wuiet: { @ferm::rule { 'dsa-postgres-ullmann': description => 'Allow postgress access', rule => '&SERVICE_RANGE(tcp, 5433, ( 206.12.19.141/32 ))' diff --git a/modules/ferm/templates/defs.conf.erb b/modules/ferm/templates/defs.conf.erb index ffe3c2f7..8a6ece1e 100644 --- a/modules/ferm/templates/defs.conf.erb +++ b/modules/ferm/templates/defs.conf.erb @@ -127,6 +127,7 @@ @def $BUILDD_SSH_ACCESS = (); @def $BUILDD_SSH_ACCESS = ($BUILDD_SSH_ACCESS 194.177.211.200); # grieg +@def $BUILDD_SSH_ACCESS = ($BUILDD_SSH_ACCESS 5.153.231.18); # wuiet @def $BUILDD_SSH_ACCESS = ($BUILDD_SSH_ACCESS 97.107.116.29); # master @def $BUILDD_SSH_ACCESS = ($BUILDD_SSH_ACCESS 206.12.19.5); # ravel @def $BUILDD_SSH_ACCESS = ($BUILDD_SSH_ACCESS 82.195.75.110); # new-master diff --git a/modules/sudo/files/sudoers b/modules/sudo/files/sudoers index a41b92a1..36434f89 100644 --- a/modules/sudo/files/sudoers +++ b/modules/sudo/files/sudoers @@ -31,6 +31,7 @@ Host_Alias MEGARAIDHOSTS = grieg, rautavaara, sibelius Host_Alias MPTRAIDHOSTS = barber, biber, cilea, vitry, orff Host_Alias MEGACTLHOSTS = nielsen Host_Alias LISTHOSTS = bendel +Host_Alias BUILDD_MASTER = grieg, wuiet Host_Alias PORTERBOXES = abel, agricola, barriere, eder, falla, fischer, gabrielli, harris, merulo, partch, smetana, zelenka Host_Alias PIUPARTS_SLAVE_HOSTS = piu-slave-bm-a @@ -146,8 +147,8 @@ piupartss PIUPARTS_SLAVE_HOSTS=(ALL) NOPASSWD: ALL # remote power to babylon5 in the same rack: joerg unger=(ALL) /usr/bin/sispmctl -t [12], /usr/bin/sispmctl -g [12] # wbadm can update all buildd* users' keys on buildd.d.o -%wbadm grieg=(root) /usr/local/bin/update-buildd-sshkeys -wbadm grieg=(postgres) NOPASSWD: /usr/bin/pg_dumpall --cluster 8.4/wanna-build +%wbadm BUILDD_MASTER=(root) /usr/local/bin/update-buildd-sshkeys +wbadm BUILDD_MASTER=(postgres) NOPASSWD: /usr/bin/pg_dumpall --cluster 8.4/wanna-build # mirror push dak FTPHOSTS,SECHOSTS=(archvsync) NOPASSWD:/home/archvsync/runmirrors dak franck=(backports) NOPASSWD: /home/backports/bin/update-archive