1 class roles::security_tracker {
4 include apache2::proxy_http
5 include apache2::expires
7 apache2::module { 'cache_disk':
11 # security-tracker abusers
12 # 66.170.99.1 20180706 excessive number of requests
13 # 66.170.99.2 20180706 excessive number of requests
14 ferm::rule { 'dsa-sectracker-abusers':
16 rule => 'saddr (66.170.99.1 66.170.99.2) DROP',
20 ssl::service { 'security-tracker.debian.org':
21 notify => Exec['service apache2 reload'],
25 apache2::site { 'security-tracker.debian.org':
26 site => 'security-tracker.debian.org',
27 content => template('roles/apache-security-tracker.debian.org.conf.erb')
30 # traffic shaping http traffic
31 #ferm::rule { 'dsa-security-tracker-shape':
34 # rule => 'proto tcp sport 443 MARK set-mark 20',
37 file { '/usr/local/sbin/traffic-shape':
39 content => template('roles/security-tracker/traffic-shape'),
40 notify => Exec['/usr/local/sbin/traffic-shape'],
42 exec { '/usr/local/sbin/traffic-shape':