3 # Lookup role and include relevant classes for roles
10 if has_role('muninmaster') {
14 if has_role('nagiosmaster') {
15 include nagios::server
18 if has_role('manpages-dyn') {
19 include roles::manpages_dyn
23 if has_role('historical_mirror') {
24 include roles::historical_mirror
28 if has_role('debug_mirror') {
29 include roles::debug_mirror
32 # ftp.debian.org and its ecosystem
33 if has_role('debian_mirror') {
34 include roles::debian_mirror
36 if has_role('ftp_master') {
37 include roles::ftp_master
38 include roles::dakmaster
39 include roles::signing
41 if has_role('ftp.upload.d.o') {
42 include roles::ftp_upload
44 if has_role('ssh.upload.d.o') {
45 include roles::ssh_upload
47 if has_role('security_upload') {
48 include roles::security_upload
52 if has_role('security_master') {
53 include roles::security_master
54 include roles::dakmaster
57 if has_role('security_mirror') {
58 include roles::security_mirror
61 if has_role('git_master') {
62 include roles::git_master
65 if has_role('people') {
66 ssl::service { 'people.debian.org': notify => Exec['service apache2 reload'], key => true, }
67 onion::service { 'people.debian.org': port => 80, target_address => 'people.debian.org', target_port => 80, direct => true }
70 if has_role('www_master') {
71 include roles::www_master
74 if has_role('cgi.d.o') {
75 ssl::service { 'cgi.debian.org': notify => Exec['service apache2 reload'], key => true, }
82 if has_role('syncproxy') {
83 include roles::syncproxy
86 if has_role('mailrelay') {
87 include roles::mailrelay
90 if has_role('pubsub') {
94 if has_role('dbmaster') {
95 include roles::dbmaster
98 if has_role('dns_primary') {
99 include roles::dns_primary
102 if has_role('dns_geo') {
103 include roles::dns_geodns
106 if has_role('security_tracker') {
107 include roles::security_tracker
110 if has_role('rtmaster') {
111 include roles::rtmaster
122 if has_role('sso_rp') {
123 include roles::sso_rp
126 if has_role('contributors') {
127 include roles::contributors
134 if has_role('postgres_backup_server') {
135 include postgres::backup_server
138 if has_role('packages') {
139 ssl::service { 'packages.debian.org': notify => Exec['service apache2 reload'], key => true, }
142 if has_role('historicalpackages') {
143 ssl::service { 'historical.packages.debian.org': notify => Exec['service apache2 reload'], key => true, }
146 if has_role('qamaster') {
147 ssl::service { 'qa.debian.org': notify => Exec['service apache2 reload'], key => true, }
150 if has_role('packagesqamaster') {
151 ssl::service { 'packages.qa.debian.org': notify => Exec['service apache2 reload'], key => true, }
154 if has_role('gobby_debian_org') {
155 ssl::service { 'gobby.debian.org':
156 notify => [ Exec['service apache2 reload'], Exec['reload gobby'] ],
158 tlsaport => [443, 6523],
160 file { '/etc/ssl/debian-local/other-keys/gobby.debian.org.key':
164 content => inline_template('<%= File.read(scope().call_function("hiera", ["paths.letsencrypt_dir"]) + "/gobby.debian.org.key") %>'),
166 notify => Exec['reload gobby'],
168 exec { 'reload gobby':
169 command => 'pkill -u gobby -HUP -x infinoted',
174 if has_role('search_backend') {
175 include roles::search_backend
177 if has_role('search_frontend') {
178 include roles::search_frontend
181 if has_role('dgit_browse') {
182 include roles::dgit_browse
184 if has_role('dgit_git') {
185 include roles::dgit_git
188 if $::hostname in [lw01, lw02, lw03, lw04, lw09, lw10] {
189 include roles::snapshot
192 if has_role('snapshot_web') {
193 include roles::snapshot_web
196 if has_role('snapshot_shell') {
197 include roles::snapshot_shell
200 if has_role('debtags') {
201 include roles::debtags
204 if has_role('planet_master') {
205 include roles::planet_master
207 if has_role('planet_search') {
208 ssl::service { 'planet-search.debian.org': notify => Exec['service apache2 reload'], key => true, }
211 if has_role('i18n.d.o') {
212 ssl::service { 'i18n.debian.org': notify => Exec['service apache2 reload'], key => true, }
215 if has_role('l10n.d.o') {
216 ssl::service { 'l10n.debian.org': notify => Exec['service apache2 reload'], key => true, }
219 if has_role('dedup.d.n') {
220 ssl::service { 'dedup.debian.net': notify => Exec['service apache2 reload'], key => true, }
223 if has_role('pet.d.n') {
224 ssl::service { 'pet.debian.net': notify => Exec['service apache2 reload'], key => true, }
225 ssl::service { 'pet-devel.debian.net': notify => Exec['service apache2 reload'], key => true, }
228 if has_role('ports_master') {
229 include roles::ports_master
231 if has_role('ports_mirror') {
232 include roles::ports_mirror
235 if has_role('onionbalance') {
236 include onion::balance
241 if has_role('cdimage-search') {
242 include roles::cdimage_search
245 if has_role('postgresql_server') {
246 include postgres::backup_source
249 if has_role('bacula_director') {
250 include bacula::director
252 package { 'bacula-console': ensure => purged; }
253 file { '/etc/bacula/bconsole.conf': ensure => absent; }
255 if has_role('bacula_storage') {
256 include bacula::storage
259 if $::keyring_debian_org_mirror {
260 include roles::keyring_debian_org_mirror
263 if has_role('popcon') {
264 include roles::popcon
267 if has_role('debsources') {
268 include roles::debsources
projects / mirror / dsa-puppet.git / blob