git.donarmstrong.com Git - dsa-puppet.git/log

]> git.donarmstrong.com Git - dsa-puppet.git/log

projects / dsa-puppet.git / log

summary | shortlog | log | commit | commitdiff | tree
first ⋅ prev ⋅ next

commit | commitdiff | tree

Peter Palfrader [Sun, 21 Feb 2010 15:57:20 +0000 (16:57 +0100)]

Merge branch 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet

* 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet:
  nagios is also allowed to connect to ssh
  anchor start of line
  template the munin master as well
  erb, I hate you
  reshuffle bind configuration

commit | commitdiff | tree

Peter Palfrader [Sun, 21 Feb 2010 15:57:18 +0000 (16:57 +0100)]

Specify which target port we want in our ssh call

commit | commitdiff | tree

Stephen Gran [Sun, 21 Feb 2010 15:36:12 +0000 (15:36 +0000)]

nagios is also allowed to connect to ssh

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sun, 21 Feb 2010 15:12:29 +0000 (15:12 +0000)]

anchor start of line

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sun, 21 Feb 2010 15:11:33 +0000 (15:11 +0000)]

template the munin master as well

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sun, 21 Feb 2010 15:01:00 +0000 (15:01 +0000)]

erb, I hate you

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sun, 21 Feb 2010 14:52:26 +0000 (14:52 +0000)]

reshuffle bind configuration

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Peter Palfrader [Sun, 21 Feb 2010 14:33:17 +0000 (15:33 +0100)]

Add a comment

commit | commitdiff | tree

Peter Palfrader [Sun, 21 Feb 2010 14:31:52 +0000 (15:31 +0100)]

Replace stunnel on master with this

commit | commitdiff | tree

Peter Palfrader [Sun, 21 Feb 2010 14:29:10 +0000 (15:29 +0100)]

Try to get sshkey

commit | commitdiff | tree

Peter Palfrader [Sun, 21 Feb 2010 14:21:07 +0000 (15:21 +0100)]

Typo

commit | commitdiff | tree

Peter Palfrader [Sun, 21 Feb 2010 14:19:14 +0000 (15:19 +0100)]

Manually cast more

commit | commitdiff | tree

Peter Palfrader [Sun, 21 Feb 2010 14:18:19 +0000 (15:18 +0100)]

Manually cast

commit | commitdiff | tree

Peter Palfrader [Sun, 21 Feb 2010 14:17:25 +0000 (15:17 +0100)]

Update comment

commit | commitdiff | tree

Peter Palfrader [Sun, 21 Feb 2010 14:16:29 +0000 (15:16 +0100)]

Typo

commit | commitdiff | tree

Peter Palfrader [Sun, 21 Feb 2010 14:15:28 +0000 (15:15 +0100)]

And produce an xinetd snippet

commit | commitdiff | tree

Peter Palfrader [Sun, 21 Feb 2010 14:14:53 +0000 (15:14 +0100)]

Comment out debugging info

commit | commitdiff | tree

Peter Palfrader [Sun, 21 Feb 2010 14:08:35 +0000 (15:08 +0100)]

fqdn instead of hostname

commit | commitdiff | tree

Peter Palfrader [Sun, 21 Feb 2010 14:07:21 +0000 (15:07 +0100)]

I wonder how one debugs these things properly

commit | commitdiff | tree

Peter Palfrader [Sun, 21 Feb 2010 14:05:16 +0000 (15:05 +0100)]

yeah, that too

commit | commitdiff | tree

Peter Palfrader [Sun, 21 Feb 2010 14:03:22 +0000 (15:03 +0100)]

start by quoting strings

commit | commitdiff | tree

Peter Palfrader [Sun, 21 Feb 2010 14:02:15 +0000 (15:02 +0100)]

I wonder in how many ways this will blow up

commit | commitdiff | tree

Peter Palfrader [Sun, 21 Feb 2010 14:01:19 +0000 (15:01 +0100)]

Merge branch 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet

* 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet:
Revert "test template"

commit | commitdiff | tree

Peter Palfrader [Sun, 21 Feb 2010 14:01:15 +0000 (15:01 +0100)]

Use _ instead of -

commit | commitdiff | tree

Stephen Gran [Sun, 21 Feb 2010 13:28:34 +0000 (13:28 +0000)]

Revert "test template"

This reverts commit 95fe5adaaca52ca56e246c545169ab68fd62d8e4.

commit | commitdiff | tree

Peter Palfrader [Sun, 21 Feb 2010 13:26:33 +0000 (14:26 +0100)]

Merge branch 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet

* 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet:
test template

commit | commitdiff | tree

Peter Palfrader [Sun, 21 Feb 2010 13:26:27 +0000 (14:26 +0100)]

Rename portforwarder to portforwarder-key; Add portforwarder-user-exists fact

commit | commitdiff | tree

Stephen Gran [Sun, 21 Feb 2010 13:26:10 +0000 (13:26 +0000)]

Merge branch 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet

commit | commitdiff | tree

Stephen Gran [Sun, 21 Feb 2010 13:26:05 +0000 (13:26 +0000)]

test template

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Peter Palfrader [Sun, 21 Feb 2010 12:52:00 +0000 (13:52 +0100)]

Add a facter that collects ssh keys of the portforwarder user

commit | commitdiff | tree

Stephen Gran [Sun, 21 Feb 2010 03:52:51 +0000 (03:52 +0000)]

clean up some formatting

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sun, 21 Feb 2010 03:50:22 +0000 (03:50 +0000)]

right, this is an array

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sun, 21 Feb 2010 03:47:26 +0000 (03:47 +0000)]

we don't actually need to build an array and take it back apart

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sun, 21 Feb 2010 03:44:54 +0000 (03:44 +0000)]

we don't need to append to the string now

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sun, 21 Feb 2010 03:43:31 +0000 (03:43 +0000)]

force into a string

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sun, 21 Feb 2010 03:41:34 +0000 (03:41 +0000)]

let's use consistent variables

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sun, 21 Feb 2010 03:39:54 +0000 (03:39 +0000)]

correct template name

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sun, 21 Feb 2010 03:37:15 +0000 (03:37 +0000)]

automate named.conf.acl

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sun, 21 Feb 2010 03:27:49 +0000 (03:27 +0000)]

fix up some usage of keyinfo

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sun, 21 Feb 2010 03:24:14 +0000 (03:24 +0000)]

move keyinfo to all hosts, as we want it for various other lookups

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sun, 21 Feb 2010 03:21:38 +0000 (03:21 +0000)]

equality is overrated

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sun, 21 Feb 2010 03:19:04 +0000 (03:19 +0000)]

first stab at making puppet figure out info for nagios and munin master

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sun, 21 Feb 2010 02:59:21 +0000 (02:59 +0000)]

add munin and nagios master declarations

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sun, 21 Feb 2010 02:53:55 +0000 (02:53 +0000)]

skip munin on fano, as it keeps dying and holding up the show

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sun, 21 Feb 2010 01:00:30 +0000 (01:00 +0000)]

Merge branch 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet

commit | commitdiff | tree

Peter Palfrader [Sun, 21 Feb 2010 01:01:17 +0000 (02:01 +0100)]

quick, before anybody notices

commit | commitdiff | tree

Stephen Gran [Sun, 21 Feb 2010 01:00:22 +0000 (01:00 +0000)]

fix typo

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Peter Palfrader [Sun, 21 Feb 2010 00:59:59 +0000 (01:59 +0100)]

Merge branch 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet

* 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet:
cleanup a bit

commit | commitdiff | tree

Peter Palfrader [Sun, 21 Feb 2010 00:59:53 +0000 (01:59 +0100)]

weasel addresses

commit | commitdiff | tree

Stephen Gran [Sun, 21 Feb 2010 00:57:40 +0000 (00:57 +0000)]

cleanup a bit

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Peter Palfrader [Sun, 21 Feb 2010 00:55:04 +0000 (01:55 +0100)]

Extra sources.list entry on alkman

commit | commitdiff | tree

Stephen Gran [Sun, 21 Feb 2010 00:44:23 +0000 (00:44 +0000)]

correct munin/nagios ip addresses

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sun, 21 Feb 2010 00:42:28 +0000 (00:42 +0000)]

how about I add the right ip for weasel?

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sun, 21 Feb 2010 00:39:33 +0000 (00:39 +0000)]

make v6 logging work; add weasel ip; fix brain damage

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sun, 21 Feb 2010 00:14:01 +0000 (00:14 +0000)]

shuffle

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sun, 21 Feb 2010 00:11:45 +0000 (00:11 +0000)]

and name it

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sun, 21 Feb 2010 00:10:46 +0000 (00:10 +0000)]

add log/drop rule

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sun, 21 Feb 2010 00:03:54 +0000 (00:03 +0000)]

shorten up the typing

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sat, 20 Feb 2010 23:14:33 +0000 (23:14 +0000)]

obligatory headers

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sat, 20 Feb 2010 23:07:21 +0000 (23:07 +0000)]

scoping fix

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sat, 20 Feb 2010 22:49:04 +0000 (22:49 +0000)]

Revert "try without a source for the directory"

This reverts commit a1a623c8c95076d6d2c13c0d8ed81860eae626ee.

commit | commitdiff | tree

Stephen Gran [Sat, 20 Feb 2010 22:39:05 +0000 (22:39 +0000)]

try without a source for the directory

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sat, 20 Feb 2010 22:38:08 +0000 (22:38 +0000)]

this should virtually work

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sat, 20 Feb 2010 22:17:32 +0000 (22:17 +0000)]

dammit. ferm is smarter than me

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sat, 20 Feb 2010 22:13:33 +0000 (22:13 +0000)]

and actually quote correctly

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sat, 20 Feb 2010 22:11:43 +0000 (22:11 +0000)]

add v4 and v6 any rules

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sat, 20 Feb 2010 21:45:36 +0000 (21:45 +0000)]

a few more rules

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sat, 20 Feb 2010 21:35:37 +0000 (21:35 +0000)]

reshuffle things around

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sat, 20 Feb 2010 21:32:33 +0000 (21:32 +0000)]

override the command run as well

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sat, 20 Feb 2010 21:26:52 +0000 (21:26 +0000)]

put my home subnets in, instead of single ips

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sat, 20 Feb 2010 21:25:07 +0000 (21:25 +0000)]

permissions fixup

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sat, 20 Feb 2010 21:21:55 +0000 (21:21 +0000)]

first stab at making the rules appear without doing anything

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sat, 20 Feb 2010 21:09:16 +0000 (21:09 +0000)]

actually inherit from ferm in subclass

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sat, 20 Feb 2010 21:08:36 +0000 (21:08 +0000)]

what can possibly go wrong, take 2

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sat, 20 Feb 2010 21:07:54 +0000 (21:07 +0000)]

what can possibly go wrong

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sat, 20 Feb 2010 20:48:57 +0000 (20:48 +0000)]

and remove random extra keyword

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sat, 20 Feb 2010 20:48:14 +0000 (20:48 +0000)]

apparently this is a known bug only for icmp - make target match all protocols but only after icmp accept

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sat, 20 Feb 2010 20:44:18 +0000 (20:44 +0000)]

a few more rules

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sat, 20 Feb 2010 20:38:36 +0000 (20:38 +0000)]

move INVALID handler after ICMP handler due to ip6tables bug

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sat, 20 Feb 2010 20:27:04 +0000 (20:27 +0000)]

add v6, possibly not brokenly this time

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sat, 20 Feb 2010 20:21:55 +0000 (20:21 +0000)]

might work better

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sat, 20 Feb 2010 20:20:29 +0000 (20:20 +0000)]

how bad can this go

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sat, 20 Feb 2010 20:05:27 +0000 (20:05 +0000)]

fail open

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sat, 20 Feb 2010 20:00:43 +0000 (20:00 +0000)]

try it with several ips

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sat, 20 Feb 2010 19:58:55 +0000 (19:58 +0000)]

reload ferm on rule change

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sat, 20 Feb 2010 19:57:49 +0000 (19:57 +0000)]

maybe this is not wrong, take 7

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sat, 20 Feb 2010 19:54:03 +0000 (19:54 +0000)]

maybe this is not wrong, take 6

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sat, 20 Feb 2010 19:53:21 +0000 (19:53 +0000)]

maybe this is not wrong, take 5

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sat, 20 Feb 2010 19:52:03 +0000 (19:52 +0000)]

maybe this is not wrong, take 4

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sat, 20 Feb 2010 19:49:29 +0000 (19:49 +0000)]

maybe this is not wrong, take 3

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sat, 20 Feb 2010 19:48:55 +0000 (19:48 +0000)]

maybe this is not wrong, take 2

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sat, 20 Feb 2010 19:48:18 +0000 (19:48 +0000)]

maybe this is not wrong

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sat, 20 Feb 2010 19:42:44 +0000 (19:42 +0000)]

fix syntax for ferm now ...

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sat, 20 Feb 2010 19:40:28 +0000 (19:40 +0000)]

try not to screw up template syntax

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sat, 20 Feb 2010 19:39:05 +0000 (19:39 +0000)]

get variable right

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sat, 20 Feb 2010 19:38:11 +0000 (19:38 +0000)]

first try at local conf

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sat, 20 Feb 2010 16:23:52 +0000 (16:23 +0000)]

an include that works

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sat, 20 Feb 2010 16:21:48 +0000 (16:21 +0000)]

actually ship ferm.conf

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sat, 20 Feb 2010 16:19:02 +0000 (16:19 +0000)]

oops

Signed-off-by: Stephen Gran <steve@lobefin.net>

commit | commitdiff | tree

Stephen Gran [Sat, 20 Feb 2010 16:18:19 +0000 (16:18 +0000)]

let's see if this works

Signed-off-by: Stephen Gran <steve@lobefin.net>

Unnamed repository; edit this file 'description' to name the repository.