3 # Lookup role and include relevant classes for roles
11 if has_role('puppetmaster') {
15 if has_role('muninmaster') {
19 if has_role('nagiosmaster') {
20 # include nagios::server
21 ssl::service { 'nagios.debian.org':
22 notify => Exec['service apache2 reload'],
27 # XXX: turn this into a real role
28 if getfromhash($site::nodeinfo, 'buildd') {
32 # XXX: turn this into a real role
33 if getfromhash($site::nodeinfo, 'porterbox') {
37 if has_role('bugs_mirror') {
38 include roles::bugs_mirror
41 if has_role('bugs_base') {
42 ssl::service { 'bugs.debian.org':
43 notify => Exec['service apache2 reload'],
47 if has_role('bugs_master') {
48 ssl::service { 'bugs-master.debian.org': notify => Exec['service apache2 reload'], key => true, }
51 if has_role('manpages-dyn') {
52 include roles::manpages_dyn
55 if has_role('archvsync_base_additional') {
56 include archvsync_base
60 if has_role('historical_mirror') {
61 include roles::historical_mirror
65 if has_role('debug_mirror') {
66 include roles::debug_mirror
69 # ftp.debian.org and its ecosystem
70 if has_role('debian_mirror') {
71 include roles::debian_mirror
73 if has_role('ftp.d.o') {
76 root => '/nonexistent',
79 if has_role('ftp_master') {
80 include roles::ftp_master
81 include roles::dakmaster
82 include roles::signing
84 if has_role('ftp.upload.d.o') {
85 include roles::ftp_upload
87 if has_role('ssh.upload.d.o') {
88 include roles::ssh_upload
90 if has_role('security_upload') {
91 include roles::security_upload
93 if has_role('api.ftp-master') {
94 ssl::service { 'api.ftp-master.debian.org':
95 notify => Exec['service apache2 reload'],
100 # security.debian.org
101 if has_role('security_master') {
102 include roles::security_master
103 include roles::dakmaster
105 if has_role('security_mirror') {
106 include roles::security_mirror
109 if has_role('git_master') {
110 include roles::git_master
113 if has_role('people') {
114 ssl::service { 'people.debian.org': notify => Exec['service apache2 reload'], key => true, }
115 onion::service { 'people.debian.org': port => 80, target_address => 'people.debian.org', target_port => 80, direct => true }
118 if has_role('www_master') {
119 include roles::www_master
122 if has_role('cgi.d.o') {
123 ssl::service { 'cgi.debian.org': notify => Exec['service apache2 reload'], key => true, }
126 if has_role('keyring') {
127 include roles::keyring
130 if has_role('wiki') {
134 if has_role('syncproxy') {
135 include roles::syncproxy
138 if has_role('static_master') {
139 include roles::static_master
142 if has_role('static_mirror') {
143 include roles::static_mirror
144 } elsif has_role('static_source') {
145 include roles::static_source
148 if has_role('weblog_provider') {
149 include roles::weblog_provider
152 if has_role('mailrelay') {
153 include roles::mailrelay
156 if has_role('pubsub') {
157 include roles::pubsub
160 if has_role('dbmaster') {
161 include roles::dbmaster
164 if has_role('dns_primary') {
165 include named::primary
168 if has_role('weblog_destination') {
169 include roles::weblog_destination
172 if has_role('vote') {
176 if has_role('security_tracker') {
177 include roles::security_tracker
180 if has_role('lists') {
184 if has_role('rtmaster') {
185 include roles::rtmaster
196 if has_role('sso_rp') {
197 include roles::sso_rp
200 if has_role('tracker') {
201 include roles::tracker
204 if has_role('buildd_master') {
205 include roles::buildd_master
208 if has_role('piuparts') {
209 include roles::piuparts
211 if has_role('piuparts_slave') {
212 include roles::piuparts_slave
215 if has_role('contributors') {
216 include roles::contributors
227 if has_role('jenkins') {
228 include roles::jenkins
231 if has_role('postgres_backup_server') {
232 include postgres::backup_server
235 if has_role('packages') {
236 ssl::service { 'packages.debian.org': notify => Exec['service apache2 reload'], key => true, }
239 if has_role('historicalpackages') {
240 ssl::service { 'historical.packages.debian.org': notify => Exec['service apache2 reload'], key => true, }
243 if has_role('qamaster') {
244 ssl::service { 'qa.debian.org': notify => Exec['service apache2 reload'], key => true, }
247 if has_role('packagesqamaster') {
248 ssl::service { 'packages.qa.debian.org': notify => Exec['service apache2 reload'], key => true, }
251 if has_role('gobby_debian_org') {
252 ssl::service { 'gobby.debian.org':
253 notify => [ Exec['service apache2 reload'], Exec['reload gobby'] ],
255 tlsaport => [443, 6523],
257 file { '/etc/ssl/debian-local/other-keys/gobby.debian.org.key':
261 content => inline_template('<%= File.read(scope().call_function("hiera", ["paths.letsencrypt_dir"]) + "/gobby.debian.org.key") %>'),
263 notify => Exec['reload gobby'],
265 exec { 'reload gobby':
266 command => 'pkill -u gobby -HUP -x infinoted',
271 if has_role('search_backend') {
272 include roles::search_backend
274 if has_role('search_frontend') {
275 include roles::search_frontend
278 if has_role('dgit_browse') {
279 include roles::dgit_browse
281 if has_role('dgit_git') {
282 include roles::dgit_git
285 if $::hostname in [lw01, lw02, lw03, lw04] {
286 include roles::snapshot
289 if has_role('veyepar.debian.org') {
290 ssl::service { 'veyepar.debian.org': notify => Exec['service apache2 reload'], key => true, }
292 if has_role('sreview.debian.org') {
293 ssl::service { 'sreview.debian.net': notify => Exec['service apache2 reload'], key => true, }
296 if has_role('debtags') {
297 include roles::debtags
300 if has_role('planet_search') {
301 ssl::service { 'planet-search.debian.org': notify => Exec['service apache2 reload'], key => true, }
304 if has_role('i18n.d.o') {
305 ssl::service { 'i18n.debian.org': notify => Exec['service apache2 reload'], key => true, }
308 if has_role('l10n.d.o') {
309 ssl::service { 'l10n.debian.org': notify => Exec['service apache2 reload'], key => true, }
312 if has_role('dedup.d.n') {
313 ssl::service { 'dedup.debian.net': notify => Exec['service apache2 reload'], key => true, }
316 if has_role('pet.d.n') {
317 ssl::service { 'pet.debian.net': notify => Exec['service apache2 reload'], key => true, }
318 ssl::service { 'pet-devel.debian.net': notify => Exec['service apache2 reload'], key => true, }
321 if has_role('ports_master') {
322 include roles::ports_master
324 if has_role('ports_mirror') {
325 include roles::ports_mirror
328 if has_role('onionbalance') {
329 include onion::balance
334 if has_role('cdimage-search') {
335 include roles::cdimage_search
338 if has_role('postgresql_server') {
339 include postgres::backup_source
342 if has_role('bacula_director') {
343 include bacula::director
345 package { 'bacula-console': ensure => purged; }
346 file { '/etc/bacula/bconsole.conf': ensure => absent; }
348 if has_role('bacula_storage') {
349 include bacula::storage
352 if has_role('salsa.debian.org') {
356 if $::keyring_debian_org_mirror {
357 include roles::keyring_debian_org_mirror
360 if has_role('popcon') {
361 include roles::popcon
364 if has_role('debsources') {
365 include roles::debsources
projects / mirror / dsa-puppet.git / blob