3 # @param db_port port of the database cluster for ftp-master's dak
4 class roles::ftp_master (
8 include roles::dakmaster
12 rsync::site { 'dakmaster':
13 source => 'puppet:///modules/roles/dakmaster/rsyncd.conf',
14 # Needs to be at least number of direct mirrors plus some spare
16 sslname => 'ftp-master.debian.org',
19 ssl::service { 'ftp-master.debian.org':
20 notify => Exec['service apache2 reload'],
22 tlsaport => [443, 1873],
25 # export ssh allow rules for hosts that we should be able to access
26 @@ferm::rule::simple { "dsa-ssh-from-ftp_master-${::fqdn}":
27 tag => 'ssh::server::from::ftp_master',
28 description => 'Allow ssh access from ftp_master',
30 saddr => $base::public_addresses,
33 postgres::cluster::hba_entry { 'dak-guest':
35 database => 'projectb',
37 address => '127.0.0.1',