modules/roles/manifests/historical_mirror.pp

   1 class roles::historical_mirror {
   2         include roles::archvsync_base
   3         include apache2::expires
   4
   5         $rsync_bind = $::hostname ? {
   6                 gretchaninov => '209.87.16.41',
   7                 klecker => '130.89.148.13',
   8                 mirror-conova => '217.196.149.234',
   9                 sibelius => '193.62.202.28',
  10                 default    => '',
  11         }
  12         $rsync_bind6 = $::hostname ? {
  13                 gretchaninov => '2607:f8f0:614:1::1274:41',
  14                 klecker => '2001:610:1908:b000::148:13',
  15                 mirror-conova => '2a02:16a8:dc41:100::234',
  16                 sibelius => '2001:630:206:4000:1a1a:0:c13e:ca1c',
  17                 default    => '',
  18         }
  19
  20         $vhost_listen = join([
  21                 ($rsync_bind  == '') ? { true => "*:80", default => "$rsync_bind:80" },
  22                 ($rsync6_bind == '') ? { true => "*:80", default => "[$rsync6_bind]:80" }
  23                 ], ' ')
  24         }
  25
  26         $onion_v4_addr = $::hostname ? {
  27                 default    => undef,
  28         }
  29         $archive_root = $::hostname ? {
  30                 default    => '/srv/mirrors/debian-archive',
  31         }
  32
  33         apache2::site { '010-archive.debian.org':
  34                 site   => 'archive.debian.org',
  35                 content => template('roles/apache-archive.debian.org.erb'),
  36         }
  37
  38         if has_role('historical_master') {
  39                 $sslname = 'archive-master.debian.org'
  40                 ssl::service { $sslname:
  41                         key      => true,
  42                         tlsaport => [],
  43                 }
  44         } else {
  45                 $sslname = ''
  46         }
  47
  48         rsync::site_systemd { 'archive':
  49                 source      => 'puppet:///modules/roles/historical_mirror/rsyncd.conf',
  50                 max_clients => 100,
  51                 sslname     => $sslname,
  52                 bind        => $rsync_bind,
  53                 bind6       => $rsync_bind6,
  54         }
  55
  56         if has_role('historical_mirror_onion') {
  57                 if ! $onion_v4_addr {
  58                         fail("Do not have an onion_v4_addr set for $::hostname.")
  59                 }
  60
  61                 onion::service { 'archive.debian.org':
  62                         port => 80,
  63                         target_port => 80,
  64                         target_address => $onion_v4_addr,
  65                 }
  66         }
  67 }