3 # Lookup role and include relevant classes for roles
10 if has_role('muninmaster') {
14 if has_role('nagiosmaster') {
15 include nagios::server
19 if has_role('historical_mirror') {
20 include roles::historical_mirror
24 if has_role('debug_mirror') {
25 include roles::debug_mirror
28 # ftp.debian.org and its ecosystem
29 if has_role('debian_mirror') {
30 include roles::debian_mirror
32 if has_role('ftp_master') {
33 include roles::ftp_master
34 include roles::dakmaster
35 include roles::signing
37 if has_role('ftp.upload.d.o') {
38 include roles::ftp_upload
40 if has_role('ssh.upload.d.o') {
41 include roles::ssh_upload
43 if has_role('security_upload') {
44 include roles::security_upload
48 if has_role('security_master') {
49 include roles::security_master
50 include roles::dakmaster
53 if has_role('security_mirror') {
54 include roles::security_mirror
57 if has_role('git_master') {
58 include roles::git_master
61 if has_role('www_master') {
62 include roles::www_master
69 if has_role('syncproxy') {
70 include roles::syncproxy
73 if has_role('mailrelay') {
74 include roles::mailrelay
77 if has_role('dns_primary') {
78 include roles::dns_primary
81 if has_role('dns_geo') {
82 include roles::dns_geodns
85 if has_role('security_tracker') {
86 include roles::security_tracker
89 if has_role('rtmaster') {
90 include roles::rtmaster
101 if has_role('sso_rp') {
102 include roles::sso_rp
105 if has_role('postgres_backup_server') {
106 include postgres::backup_server
109 if has_role('packages') {
110 ssl::service { 'packages.debian.org': notify => Exec['service apache2 reload'], key => true, }
113 if has_role('historicalpackages') {
114 ssl::service { 'historical.packages.debian.org': notify => Exec['service apache2 reload'], key => true, }
117 if has_role('qamaster') {
118 ssl::service { 'qa.debian.org': notify => Exec['service apache2 reload'], key => true, }
121 if has_role('packagesqamaster') {
122 ssl::service { 'packages.qa.debian.org': notify => Exec['service apache2 reload'], key => true, }
125 if has_role('gobby_debian_org') {
126 ssl::service { 'gobby.debian.org':
127 notify => [ Exec['service apache2 reload'], Exec['reload gobby'] ],
129 tlsaport => [443, 6523],
131 file { '/etc/ssl/debian-local/other-keys/gobby.debian.org.key':
135 content => inline_template('<%= File.read(scope().call_function("hiera", ["paths.letsencrypt_dir"]) + "/gobby.debian.org.key") %>'),
137 notify => Exec['reload gobby'],
139 exec { 'reload gobby':
140 command => 'pkill -u gobby -HUP -x infinoted',
145 if $::hostname in [lw01, lw02, lw03, lw04, lw09, lw10] {
146 include roles::snapshot
149 if has_role('snapshot_web') {
150 include roles::snapshot_web
153 if has_role('snapshot_shell') {
154 include roles::snapshot_shell
157 if has_role('planet_master') {
158 include roles::planet_master
160 if has_role('planet_search') {
161 ssl::service { 'planet-search.debian.org': notify => Exec['service apache2 reload'], key => true, }
164 if has_role('i18n.d.o') {
165 ssl::service { 'i18n.debian.org': notify => Exec['service apache2 reload'], key => true, }
168 if has_role('l10n.d.o') {
169 ssl::service { 'l10n.debian.org': notify => Exec['service apache2 reload'], key => true, }
172 if has_role('ports_master') {
173 include roles::ports_master
176 if has_role('onionbalance') {
177 include onion::balance
183 if has_role('postgresql_server') {
184 include postgres::backup_source
187 if has_role('bacula_director') {
188 include bacula::director
190 package { 'bacula-console': ensure => purged; }
191 file { '/etc/bacula/bconsole.conf': ensure => absent; }
193 if has_role('bacula_storage') {
194 include bacula::storage
197 if $::keyring_debian_org_mirror {
198 include roles::keyring_debian_org_mirror
201 if has_role('popcon') {
202 include roles::popcon