3 # @param db_port port of the database cluster for ftp-master's dak
4 class roles::ftp_master (
8 include roles::dakmaster
10 include roles::historical_master
13 rsync::site { 'dakmaster':
14 source => 'puppet:///modules/roles/dakmaster/rsyncd.conf',
15 # Needs to be at least number of direct mirrors plus some spare
17 sslname => 'ftp-master.debian.org',
20 ssl::service { 'ftp-master.debian.org':
21 notify => Exec['service apache2 reload'],
23 tlsaport => [443, 1873],
26 # export ssh allow rules for hosts that we should be able to access
27 @@ferm::rule::simple { "dsa-ssh-from-ftp_master-${::fqdn}":
28 tag => 'ssh::server::from::ftp_master',
29 description => 'Allow ssh access from ftp_master',
31 saddr => $base::public_addresses,
34 postgres::cluster::hba_entry { 'dak-guest':
36 database => 'projectb',
38 address => '127.0.0.1',