1 # = Class: roles::dbmaster
3 # Setup for db.debian.org master host
7 # include roles::dbmaster
9 class roles::dbmaster {
12 include roles::pubsub::parameters
14 $rabbit_password = $roles::pubsub::parameters::rabbit_password
16 ssl::service { 'db.debian.org':
17 notify => [ Exec['service apache2 reload'],
20 tlsaport => [443, 389, 636],
23 file { '/etc/ldap/db.debian.org.key':
27 content => inline_template('<%= File.read(scope().call_function("hiera", ["paths.letsencrypt_dir"]) + "/db.debian.org.key") %>'),
31 roles::pubsub::config { 'generate':
32 key => 'dsa-udgenerate',
34 topic => 'dsa.ud.replicate',
37 password => $rabbit_password
45 ssh::authorized_key_add { 'dbmaster::puppetmaster::nagios-build':
46 target_user => 'puppet',
47 command => '/srv/puppet.debian.org/sync/bin/puppet-ssh-wrap draghi.debian.org nagiosconfig',
48 key => $facts['dsa_key'],
49 collect_tag => 'puppetmaster',