hieradata/common.yaml

   1 ---
   2
   3 lookup_options:
   4   # with merge: unique entries in other hiera sources add to the array
   5   resolv::searchpaths:
   6     merge: unique
   7   apt::sources::debian::location:
   8     merge: unique
   9
  10 # class parameters
  11 resolv::nameservers: []
  12 resolv::searchpaths: ['debian.org']
  13 staticsync::user: 'staticsync'
  14 staticsync::basedir: '/srv/static.debian.org'
  15
  16 roles::dns_primary::allow_access:
  17   # easydns
  18   - '64.68.200.91'
  19   - '205.210.42.80'
  20   # rcode0
  21   - '83.136.34.0/27'
  22   - '2a02:850:8::/47'
  23   # netnod
  24   - '192.71.80.0/24'
  25   - '192.36.144.222'
  26   - '192.36.144.218'
  27   - '194.146.105.24'
  28   - '194.146.105.25'
  29   - '2a01:3f0:0:27::24'
  30   - '2a01:3f0:0:28::25'
  31
  32 # other variables
  33 allow_dns_query: []
  34 role_config__mirrors:
  35   mirror_basedir_prefix: '/srv/mirrors/'
  36 role_config__syncproxy:
  37   mirror_basedir_prefix: '/srv/mirrors/'
  38 samhain_recipients:
  39   - 'debian-archive-debian-samhain-reports@master.debian.org'
  40   - 'debian-admin@ftbfs.de'
  41   - 'weasel@debian.org'
  42   - 'zumbi@oron.es'
  43 root_mail_alias:
  44   - 'debian-admin@debian.org'
  45 paths:
  46   letsencrypt_dir: '/srv/puppet.debian.org/from-letsencrypt'
  47   auto_certs_dir: '/srv/puppet.debian.org/ca/RESULT/certs'
  48   auto_clientcerts_dir: '/srv/puppet.debian.org/ca/RESULT/clientcerts'
  49 apt::sources::debian::location: 'https://deb.debian.org/debian/'
  50
  51
  52 # all of these should be retired in favour of including the class role
  53 # with the host. weasel, 2019-09
  54 roles:
  55   extranrpeclient:
  56     # XXX - used by ferm templates/defs.conf.erb
  57     - denis.debian.org
  58   ftp_master:
  59     # XXX - used by ferm templates/defs.conf.erb
  60     - fasolo.debian.org
  61   mailrelay:
  62     # XXX - ONLY used by ferm templates/defs.conf.erb
  63     - mailly.debian.org
  64     - muffat.debian.org
  65   mirrormaster:
  66     # XXX - used by ferm templates/defs.conf.erb
  67     - melartin.debian.org
  68   muninmaster:
  69     # XXX - used by ferm templates/defs.conf.erb
  70     - menotti.debian.org
  71   nagiosmaster:
  72     # XXX - used by ferm templates/defs.conf.erb
  73     - tchaikovsky.debian.org
  74   security_master:
  75     # XXX - used by ferm templates/defs.conf.erb
  76     - seger.debian.org
  77   security_mirror:
  78     # XXX used also in ferm me.conf.erb
  79     mirror-anu.debian.org:
  80       fastly-backend: false
  81     mirror-csail.debian.org:
  82       fastly-backend: false
  83     mirror-isc.debian.org:
  84       onion_v4_address: 149.20.4.14
  85     mirror-umn.debian.org:
  86       onion_v4_address: 128.101.240.215
  87     mirror-accumu.debian.org:
  88       fastly-backend: false
  89     mirror-skroutz.debian.org:
  90       fastly-backend: false
  91     lobos.debian.org:
  92       service-hostname: lobos.security.backend.mirrors.debian.org
  93       fastly-backend: false
  94       onion_v4_address: 212.211.132.250
  95     santoro.debian.org:
  96       fastly-backend: false
  97     schmelzer.debian.org:
  98       fastly-backend: false
  99     schumann.debian.org:
 100       service-hostname: schumann.security.backend.mirrors.debian.org
 101       fastly-backend: true
 102     setoguchi.debian.org:
 103       fastly-backend: false
 104     sechter.debian.org:
 105       fastly-backend: false
 106     villa.debian.org:
 107       service-hostname: villa.security.backend.mirrors.debian.org
 108       fastly-backend: true
 109       onion_v4_address: 212.211.132.32
 110     wieck.debian.org:
 111       service-hostname: wieck.security.backend.mirrors.debian.org
 112       fastly-backend: true
 113   syncproxy:
 114     # XXX - used by ferm templates/defs.conf.erb
 115     - gretchaninov.debian.org
 116     - klecker.debian.org
 117     - milanollo.debian.org
 118     - mirror-anu.debian.org
 119     - mirror-isc.debian.org
 120     - mirror-umn.debian.org
 121     - schmelzer.debian.org
 122     - smit.debian.org
 123   postgres_backup_server:
 124     # XXX - used by ferm templates/defs.conf.erb
 125     - backuphost.debian.org
 126     - storace.debian.org
 127   dabackup_client:
 128     - lw03.debian.org
 129   debian_mirror:
 130     # XXX used also in ferm me.conf.erb
 131     klecker.debian.org:
 132       listen-addresses:
 133         - '130.89.148.12:80'
 134         - '[2001:67c:2564:a119::148:12]:80'
 135       onion_v4_address: 130.89.148.12
 136     mirror-accumu.debian.org:
 137       service-hostname: accumu.debian.backend.mirrors.debian.org
 138       fastly-backend: true
 139     mirror-skroutz.debian.org:
 140       service-hostname: skroutz.debian.backend.mirrors.debian.org
 141       fastly-backend: true
 142     mirror-isc.debian.org:
 143       listen-addresses:
 144         - '149.20.4.15:80'
 145         - '[2001:4f8:1:c::15]:80'
 146       onion_v4_address: 149.20.4.15
 147     schmelzer.debian.org:
 148       listen-addresses:
 149         - '217.196.149.232:80'
 150         - '[2a02:16a8:dc41:100::232]:80'
 151       fastly-backend: true
 152       service-hostname: conova.debian.backend.mirrors.debian.org
 153   historical_master:
 154     # XXX - used by ferm templates/defs.conf.erb
 155     - sibelius.debian.org
 156   historical_mirror:
 157     # XXX used also in ferm me.conf.erb
 158     - gretchaninov.debian.org
 159     - klecker.debian.org
 160     - schmelzer.debian.org
 161     - sibelius.debian.org
 162   debug_mirror:
 163     # XXX used also in ferm me.conf.erb
 164     mirror-accumu.debian.org:
 165       onion_v4_address: 130.242.6.199
 166       service-hostname: accumu.debug.backend.mirrors.debian.org
 167     schmelzer.debian.org:
 168       listen-addresses:
 169         - '217.196.149.232:80'
 170         - '[2a02:16a8:dc41:100::232]:80'
 171       onion_v4_address: 217.196.149.232
 172       service-hostname: conova.debug.backend.mirrors.debian.org
 173   debug_mirror_onion:
 174     - mirror-accumu.debian.org
 175     - schmelzer.debian.org
 176   ports_master:
 177     # XXX - used by ferm templates/defs.conf.erb
 178     - porta.debian.org
 179   onionbalance:
 180     - olin.debian.org
 181   bgp:
 182     - mirror-accumu.debian.org
 183     - mirror-skroutz.debian.org
 184   postgresql_server:
 185     # postgresql instances not managed by puppet otherwise
 186     - bmdb1.debian.org
 187     - buxtehude.debian.org
 188     - danzi.debian.org
 189     - fasolo.debian.org
 190     - lw07.debian.org
 191     - melartin.debian.org
 192     - sallinen.debian.org
 193     - seger.debian.org
 194     - snapshotdb-manda-01.debian.org
 195     - vittoria.debian.org
 196
 197 classes:
 198   - base::includes