1 # the base class defining tings common for all three static classes (master, mirror, source)
2 class roles::static::base {
3 $query = 'nodes[certname] { resources { type = "Class" and title = "Roles::Static_mirror" } }'
4 $static_mirrors = sort(puppetdb_query($query).map |$value| { $value["certname"] })
6 file { '/etc/static-components.conf':
7 content => template('roles/static-mirroring/static-components.conf.erb'),
10 file { '/usr/local/bin/staticsync-ssh-wrap':
11 source => 'puppet:///modules/roles/static-mirroring/staticsync-ssh-wrap',
15 file { '/usr/local/bin/static-update-component':
16 source => 'puppet:///modules/roles/static-mirroring/static-update-component',
20 file { '/usr/local/bin/static-mirror-ssh-wrap': ensure => absent; }
21 file { '/usr/local/bin/static-master-ssh-wrap': ensure => absent; }
23 ferm::rule { 'dsa-static-bt-v4':
24 description => 'Allow bt between static hosts',
25 rule => 'proto tcp mod state state (NEW) mod multiport destination-ports (6881:6999) @subchain \'static-bt\' { saddr ($HOST_STATIC_V4) ACCEPT; }',
28 ferm::rule { 'dsa-static-bt-v6':
29 description => 'Allow bt between static hosts',
31 rule => 'proto tcp mod state state (NEW) mod multiport destination-ports (6881:6999) @subchain \'static-bt\' { saddr ($HOST_STATIC_V6) ACCEPT; }',
35 file { '/etc/staticsync.conf':
37 # This file is sourced by bash
38 # and parsed by python
39 # - empty lines and lines starting with a # are ignored.
40 # - other lines are key=value. No extra spaces anywhere. No quoting.
41 base=/srv/static.debian.org
42 masterbase=/home/staticsync/static-master/master
projects / mirror / dsa-puppet.git / blob