1 class roles::security_mirror {
2 include roles::archvsync_base
4 $binds = $::hostname ? {
5 mirror-anu => [ '150.203.164.61', '[2001:388:1034:2900::3d]' ],
6 mirror-bytemark => [ '5.153.231.46', '[2001:41c8:1000:21::21:46]' ],
7 mirror-conova => [ '217.196.149.233', '[2a02:16a8:dc41:100::233]' ],
8 mirror-isc => [ '149.20.4.14', '[2001:4f8:1:c::14]' ],
9 mirror-umn => [ '128.101.240.215', '[2607:ea00:101:3c0b::1deb:215]' ],
10 default => [ '[::]' ],
13 include apache2::expires
14 include apache2::rewrite
16 apache2::site { '010-security.debian.org':
17 site => 'security.debian.org',
18 content => template('roles/security_mirror/security.debian.org.erb')
21 $mirrors = hiera('roles.security_mirror', {})
22 $fastly_mirrors = $mirrors.filter |$h| { $h[1]['fastly-backend'] }
23 $hosts_to_check = $fastly_mirrors.map |$h| { $h[1]['service-hostname'] }
25 roles::mirror_health { 'security':
26 check_hosts => $hosts_to_check,
27 check_service => 'security',
28 url => 'http://security.backend.mirrors.debian.org/debian/dists/sid/Release',
29 health_url => 'http://security.backend.mirrors.debian.org/_health',
32 rsync::site { 'security':
33 source => 'puppet:///modules/roles/security_mirror/rsyncd.conf',
38 $onion_v4_addr = hiera("roles.security_mirror", {})
39 .dig($::fqdn, 'onion_v4_address')
41 onion::service { 'security.debian.org':
44 target_address => $onion_v4_addr,