hieradata/common.yaml

   1 ---
   2 nameservers: []
   3 searchpaths: []
   4 resolvoptions: []
   5 allow_dns_query: []
   6 role_config__mirrors:
   7   mirror_basedir_prefix: '/srv/mirrors/'
   8 role_config__syncproxy:
   9   mirror_basedir_prefix: '/srv/mirrors/'
  10 samhain_recipients:
  11   - 'debian-archive-debian-samhain-reports@master.debian.org'
  12   - 'debian-admin@ftbfs.de'
  13   - 'weasel@debian.org'
  14   - 'zumbi@oron.es'
  15 root_mail_alias:
  16   - 'debian-admin@debian.org'
  17 paths:
  18   letsencrypt_dir: '/srv/puppet.debian.org/from-letsencrypt'
  19   auto_certs_dir: '/srv/puppet.debian.org/ca/RESULT/certs'
  20   auto_clientcerts_dir: '/srv/puppet.debian.org/ca/RESULT/clientcerts'
  21 roles:
  22   bugsmx:
  23     - buxtehude.debian.org
  24   bugs_master:
  25     - buxtehude.debian.org
  26   bugs_mirror:
  27     - beach.debian.org
  28   bugs_base:
  29     - buxtehude.debian.org
  30     - beach.debian.org
  31   buildd_master:
  32     - wuiet.debian.org
  33   contributors:
  34     - nono.debian.org
  35   dbmaster:
  36     - draghi.debian.org
  37   debtags:
  38     - tate.debian.org
  39   dns_primary:
  40     - denis.debian.org
  41   dns_geo:
  42     - geo1.debian.org
  43     - geo2.debian.org
  44     - geo3.debian.org
  45   extranrpeclient:
  46     - denis.debian.org
  47   ftp_master:
  48     - fasolo.debian.org
  49   ftp.upload.d.o:
  50     - coccia.debian.org
  51     - usper.debian.org
  52   api.ftp-master:
  53     - coccia.debian.org
  54   dgit_browse:
  55     - cgi-grnet-01.debian.org
  56   dgit_git:
  57     - cgi-grnet-01.debian.org
  58   git_master:
  59     - adayevskaya.debian.org
  60   historicalpackages:
  61     - hier.debian.org
  62   jenkins:
  63     - jerea.debian.org
  64   keyring:
  65     - kaufmann.debian.org
  66   lists:
  67     - bendel.debian.org
  68   mailrelay:
  69     - mailly.debian.org
  70     - muffat.debian.org
  71   manpages-dyn:
  72     - manziarly.debian.org
  73     - cgi-grnet-01.debian.org
  74   mirrormaster:
  75     - melartin.debian.org
  76   muninmaster:
  77     - menotti.debian.org
  78   nagiosmaster:
  79     - tchaikovsky.debian.org
  80   nm:
  81     - nono.debian.org
  82   packages:
  83     - picconi.debian.org
  84     - pkgmirror-csail.debian.org
  85   packagesmaster:
  86     - picconi.debian.org
  87   packagesqamaster:
  88     - quantz.debian.org
  89   people:
  90     - paradis.debian.org
  91   piuparts:
  92     - pejacevic.debian.org
  93   piuparts_slave:
  94     - piu-slave-bm-a.debian.org
  95     - piu-slave-ubc-01.debian.org
  96   popcon:
  97     - pinel.debian.org
  98   pubsub:
  99     - rainier.debian.org
 100     - rapoport.debian.org
 101   puppetmaster:
 102     - handel.debian.org
 103   qamaster:
 104     - quantz.debian.org
 105   rtmaster:
 106     - reger.debian.org
 107   rtc:
 108     - vogler.debian.org
 109   search_backend:
 110     - wolkenstein.debian.org
 111   search_frontend:
 112     - cgi-grnet-01.debian.org
 113   archvsync_base_additional:
 114   # this is usually pulled in by *-mirror or syncproxy roles
 115     - dummy
 116   security_master:
 117     - seger.debian.org
 118   security_mirror:
 119     mirror-anu.debian.org:
 120       fastly-backend: false
 121     mirror-bytemark.debian.org:
 122       fastly-backend: false
 123     mirror-conova.debian.org:
 124       fastly-backend: false
 125     mirror-csail.debian.org:
 126       fastly-backend: false
 127     mirror-isc.debian.org:
 128       onion_v4_address: 149.20.4.14
 129     mirror-umn.debian.org:
 130       onion_v4_address: 128.101.240.215
 131     mirror-accumu.debian.org:
 132       fastly-backend: false
 133     mirror-skroutz.debian.org:
 134       fastly-backend: false
 135     lobos.debian.org:
 136       service-hostname: lobos.security.backend.mirrors.debian.org
 137       fastly-backend: false
 138       onion_v4_address: 212.211.132.250
 139     santoro.debian.org:
 140       fastly-backend: false
 141     schumann.debian.org:
 142       service-hostname: schumann.security.backend.mirrors.debian.org
 143       fastly-backend: true
 144     setoguchi.debian.org:
 145       fastly-backend: false
 146     sechter.debian.org:
 147       fastly-backend: false
 148     villa.debian.org:
 149       service-hostname: villa.security.backend.mirrors.debian.org
 150       fastly-backend: true
 151       onion_v4_address: 212.211.132.32
 152     wieck.debian.org:
 153       service-hostname: wieck.security.backend.mirrors.debian.org
 154       fastly-backend: true
 155   security_tracker:
 156     - soriano.debian.org
 157   security_upload:
 158     - suchon.debian.org
 159   ssh.upload.d.o:
 160     - coccia.debian.org
 161     - suchon.debian.org
 162     - usper.debian.org
 163   sso:
 164     - diabelli.debian.org
 165   # single sign on relying party (host) - also required apache2 module enabled on that host via other means
 166   sso_rp:
 167     - debussy.debian.org
 168     - diabelli.debian.org
 169     - jerea.debian.org
 170     - nono.debian.org
 171     - quantz.debian.org
 172     - tate.debian.org
 173     - ticharich.debian.org
 174     - wilder.debian.org
 175   static_master:
 176     - dillon.debian.org
 177     - fasolo.debian.org
 178     - porta.debian.org
 179     - static-master-grnet-01.debian.org
 180   static_mirror:
 181     - klecker.debian.org
 182     - mirror-anu.debian.org
 183     - mirror-csail.debian.org
 184     - mirror-isc.debian.org
 185     - senfter.debian.org
 186     - santoro.debian.org
 187   static_mirror_onion:
 188     - klecker.debian.org
 189     - mirror-isc.debian.org
 190     - senfter.debian.org
 191   # when adding a new static mirror, allow it to sync etc, but do not push to it and wait for it.  For this, also add it to static_mirror_nopush.
 192   static_mirror_nopush:
 193     - dummy
 194   static_source:
 195     - boott.debian.org
 196     - casulana.debian.org
 197     - coccia.debian.org
 198     - dillon.debian.org
 199     - donizetti.debian.org
 200     - fasolo.debian.org
 201     - lindsay.debian.org
 202     - manziarly.debian.org
 203     - mekeel.debian.org
 204     - melartin.debian.org
 205     - porta.debian.org
 206     - philp.debian.org
 207     - respighi.debian.org
 208     - wolkenstein.debian.org
 209     - wuiet.debian.org
 210   syncproxy:
 211     - gretchaninov.debian.org
 212     - klecker.debian.org
 213     - milanollo.debian.org
 214     - mirror-anu.debian.org
 215     - mirror-conova.debian.org
 216     - mirror-isc.debian.org
 217     - mirror-umn.debian.org
 218   tracker:
 219     - ticharich.debian.org
 220   udd:
 221     - ullmann.debian.org
 222   vote:
 223     - vento.debian.org
 224   weblog_destination:
 225     - wolkenstein.debian.org
 226   weblog_provider:
 227     - klecker.debian.org
 228     - mirror-anu.debian.org
 229     - mirror-csail.debian.org
 230     - mirror-isc.debian.org
 231     - mirror-umn.debian.org
 232     - santoro.debian.org
 233     - senfter.debian.org
 234   wiki:
 235     - wilder.debian.org
 236   www_master:
 237     - wolkenstein.debian.org
 238   cgi.d.o:
 239     - wolkenstein.debian.org
 240   postgres_backup_server:
 241     - backuphost.debian.org
 242     - storace.debian.org
 243   bacula_director:
 244     - dinis.debian.org
 245   bacula_storage:
 246     - storace.debian.org
 247   dabackup_client:
 248     - moszumanska.debian.org
 249     - lw03.debian.org
 250   gobby_debian_org:
 251     - gombert.debian.org
 252   veyepar.debian.org:
 253     - vittoria.debian.org
 254   sreview.debian.org:
 255     - vittoria.debian.org
 256   debian_mirror:
 257     klecker.debian.org:
 258       listen-addresses:
 259         - '130.89.148.12:80'
 260         - '[2001:610:1908:b000::148:12]:80'
 261         - '[2001:67c:2564:a119::148:12]:80'
 262       onion_v4_address: 130.89.148.12
 263     mirror-bytemark.debian.org:
 264       service-hostname: bytemark.debian.backend.mirrors.debian.org
 265       listen-addresses:
 266         - '5.153.231.45:80'
 267         - '[2001:41c8:1000:21::21:45]:80'
 268       fastly-backend: true
 269       onion_v4_address: 5.153.231.45
 270     mirror-accumu.debian.org:
 271       service-hostname: accumu.debian.backend.mirrors.debian.org
 272       fastly-backend: true
 273     mirror-skroutz.debian.org:
 274       service-hostname: skroutz.debian.backend.mirrors.debian.org
 275       fastly-backend: true
 276     mirror-conova.debian.org:
 277       service-hostname: conova.debian.backend.mirrors.debian.org
 278       listen-addresses:
 279         - '217.196.149.232:80'
 280         - '[2a02:16a8:dc41:100::232]:80'
 281       fastly-backend: true
 282     mirror-isc.debian.org:
 283       listen-addresses:
 284         - '149.20.4.15:80'
 285         - '[2001:4f8:1:c::15]:80'
 286       onion_v4_address: 149.20.4.15
 287   historical_master:
 288     - sibelius.debian.org
 289   historical_mirror:
 290     - gretchaninov.debian.org
 291     - klecker.debian.org
 292     - mirror-conova.debian.org
 293     - sibelius.debian.org
 294   debug_mirror:
 295     - klecker.debian.org
 296     - mirror-conova.debian.org
 297     - mirror-isc.debian.org
 298   debug_mirror_onion:
 299     - klecker.debian.org
 300     - mirror-isc.debian.org
 301   ports_mirror:
 302     - klecker.debian.org
 303     - mirror-isc.debian.org
 304   ports_mirror_onion:
 305     - klecker.debian.org
 306     - mirror-isc.debian.org
 307   planet_master:
 308     - philp.debian.org
 309   planet_search:
 310     - philp.debian.org
 311   i18n.d.o:
 312     - tye.debian.org
 313   l10n.d.o:
 314     - tye.debian.org
 315   dedup.d.n:
 316     - delfin.debian.org
 317   pet.d.n:
 318     - petrova.debian.org
 319   ports_master:
 320     - porta.debian.org
 321   onionbalance:
 322     - olin.debian.org
 323   bgp:
 324     - mirror-bytemark.debian.org
 325     - mirror-conova.debian.org
 326     - mirror-accumu.debian.org
 327     - mirror-skroutz.debian.org
 328   cdimage-search:
 329     - cgi-grnet-01.debian.org
 330   apache_prefork:
 331     # php needs this
 332     - quantz.debian.org
 333     - tchaikovsky.debian.org
 334     - wuiet.debian.org
 335   postgresql_server:
 336     # postgresql instances not managed by puppet otherwise
 337     - bmdb1.debian.org
 338     - buxtehude.debian.org
 339     - danzi.debian.org
 340     - fasolo.debian.org
 341     - melartin.debian.org
 342     - sallinen.debian.org
 343     - seger.debian.org
 344     - sibelius.debian.org
 345     - vittoria.debian.org
 346   salsa.debian.org:
 347     - godard.debian.org
 348   insecure_ssl:
 349     - debussy.debian.org
 350     - godard.debian.org
 351   debsources:
 352     - sor.debian.org
 353   ipsec:
 354     - fasolo.debian.org
 355     - storace.debian.org
 356   debconf_wafer:
 357     - debussy.debian.org
 358   apache_not_public:
 359     # Hosts that run apache but where it should not be open to the internet by
 360     # default
 361     - casulana.debian.org
 362   cdbuilder_local_mirror:
 363     - casulana.debian.org