projects
/
mirror
/
dsa-puppet.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Add lindsay and pinel volumes at ubc
[mirror/dsa-puppet.git]
/
hieradata
/
common.yaml
diff --git
a/hieradata/common.yaml
b/hieradata/common.yaml
index
cd148b2
..
e4990b1
100644
(file)
--- a/
hieradata/common.yaml
+++ b/
hieradata/common.yaml
@@
-7,8
+7,29
@@
lookup_options:
apt::sources::debian::location:
merge: unique
apt::sources::debian::location:
merge: unique
+# class parameters
resolv::nameservers: []
resolv::searchpaths: ['debian.org']
resolv::nameservers: []
resolv::searchpaths: ['debian.org']
+staticsync::user: 'staticsync'
+staticsync::basedir: '/srv/static.debian.org'
+
+roles::dns_primary::allow_access:
+ # easydns
+ - '64.68.200.91'
+ - '205.210.42.80'
+ # rcode0
+ - '83.136.34.0/27'
+ - '2a02:850:8::/47'
+ # netnod
+ - '192.71.80.0/24'
+ - '192.36.144.222'
+ - '192.36.144.218'
+ - '194.146.105.24'
+ - '194.146.105.25'
+ - '2a01:3f0:0:27::24'
+ - '2a01:3f0:0:28::25'
+
+# other variables
allow_dns_query: []
role_config__mirrors:
mirror_basedir_prefix: '/srv/mirrors/'
allow_dns_query: []
role_config__mirrors:
mirror_basedir_prefix: '/srv/mirrors/'
@@
-27,46
+48,28
@@
paths:
auto_clientcerts_dir: '/srv/puppet.debian.org/ca/RESULT/clientcerts'
apt::sources::debian::location: 'https://deb.debian.org/debian/'
auto_clientcerts_dir: '/srv/puppet.debian.org/ca/RESULT/clientcerts'
apt::sources::debian::location: 'https://deb.debian.org/debian/'
-staticsync::user: 'staticsync'
-staticsync::basedir: '/srv/static.debian.org'
# all of these should be retired in favour of including the class role
# with the host. weasel, 2019-09
roles:
# all of these should be retired in favour of including the class role
# with the host. weasel, 2019-09
roles:
- bugsmx:
- - buxtehude.debian.org
- dns_primary:
- - denis.debian.org
- dns_geo:
- - geo1.debian.org
- - geo2.debian.org
- - geo3.debian.org
- extranrpeclient:
- - denis.debian.org
ftp_master:
ftp_master:
+ # XXX - used by ferm templates/defs.conf.erb
- fasolo.debian.org
mailrelay:
- fasolo.debian.org
mailrelay:
+ # XXX - ONLY used by ferm templates/defs.conf.erb
- mailly.debian.org
- muffat.debian.org
- mailly.debian.org
- muffat.debian.org
- mirrormaster:
- - melartin.debian.org
muninmaster:
muninmaster:
+ # XXX - used by ferm templates/defs.conf.erb
- menotti.debian.org
nagiosmaster:
- menotti.debian.org
nagiosmaster:
+ # XXX - used by ferm templates/defs.conf.erb
- tchaikovsky.debian.org
- tchaikovsky.debian.org
- packagesmaster:
- - picconi.debian.org
- packagesqamaster:
- - quantz.debian.org
- popcon:
- - pinel.debian.org
- qamaster:
- - quantz.debian.org
- rtmaster:
- - reger.debian.org
security_master:
security_master:
+ # XXX - used by ferm templates/defs.conf.erb
- seger.debian.org
security_mirror:
- seger.debian.org
security_mirror:
+ # XXX used also in ferm me.conf.erb
mirror-anu.debian.org:
fastly-backend: false
mirror-csail.debian.org:
mirror-anu.debian.org:
fastly-backend: false
mirror-csail.debian.org:
@@
-101,24
+104,8
@@
roles:
wieck.debian.org:
service-hostname: wieck.security.backend.mirrors.debian.org
fastly-backend: true
wieck.debian.org:
service-hostname: wieck.security.backend.mirrors.debian.org
fastly-backend: true
- security_tracker:
- - soriano.debian.org
- # single sign on relying party (host) - also required apache2 module enabled on that host via other means
- sso_rp:
- - debussy.debian.org
- - diabelli.debian.org
- - jerea.debian.org
- - nono.debian.org
- - quantz.debian.org
- - tate.debian.org
- - ticharich.debian.org
- - wilder.debian.org
- - wuiet.debian.org
- static_mirror_onion:
- - klecker.debian.org
- - mirror-isc.debian.org
- - senfter.debian.org
syncproxy:
syncproxy:
+ # XXX - used by ferm templates/defs.conf.erb
- gretchaninov.debian.org
- klecker.debian.org
- milanollo.debian.org
- gretchaninov.debian.org
- klecker.debian.org
- milanollo.debian.org
@@
-127,19
+114,18
@@
roles:
- mirror-umn.debian.org
- schmelzer.debian.org
- smit.debian.org
- mirror-umn.debian.org
- schmelzer.debian.org
- smit.debian.org
- udd:
- - ullmann.debian.org
postgres_backup_server:
postgres_backup_server:
+ # XXX - used by ferm templates/defs.conf.erb
- backuphost.debian.org
- storace.debian.org
- backuphost.debian.org
- storace.debian.org
- dabackup_client:
- - lw03.debian.org
debian_mirror:
debian_mirror:
+ # XXX used also in ferm me.conf.erb
klecker.debian.org:
listen-addresses:
- '130.89.148.12:80'
- '[2001:67c:2564:a119::148:12]:80'
onion_v4_address: 130.89.148.12
klecker.debian.org:
listen-addresses:
- '130.89.148.12:80'
- '[2001:67c:2564:a119::148:12]:80'
onion_v4_address: 130.89.148.12
+ new-klecker.debian.org: {}
mirror-accumu.debian.org:
service-hostname: accumu.debian.backend.mirrors.debian.org
fastly-backend: true
mirror-accumu.debian.org:
service-hostname: accumu.debian.backend.mirrors.debian.org
fastly-backend: true
@@
-158,13
+144,16
@@
roles:
fastly-backend: true
service-hostname: conova.debian.backend.mirrors.debian.org
historical_master:
fastly-backend: true
service-hostname: conova.debian.backend.mirrors.debian.org
historical_master:
+ # XXX - used by ferm templates/defs.conf.erb
- sibelius.debian.org
historical_mirror:
- sibelius.debian.org
historical_mirror:
+ # XXX used also in ferm me.conf.erb
- gretchaninov.debian.org
- klecker.debian.org
- schmelzer.debian.org
- sibelius.debian.org
debug_mirror:
- gretchaninov.debian.org
- klecker.debian.org
- schmelzer.debian.org
- sibelius.debian.org
debug_mirror:
+ # XXX used also in ferm me.conf.erb
mirror-accumu.debian.org:
onion_v4_address: 130.242.6.199
service-hostname: accumu.debug.backend.mirrors.debian.org
mirror-accumu.debian.org:
onion_v4_address: 130.242.6.199
service-hostname: accumu.debug.backend.mirrors.debian.org
@@
-178,17
+167,11
@@
roles:
- mirror-accumu.debian.org
- schmelzer.debian.org
ports_master:
- mirror-accumu.debian.org
- schmelzer.debian.org
ports_master:
+ # XXX - used by ferm templates/defs.conf.erb
- porta.debian.org
- porta.debian.org
- onionbalance:
- - olin.debian.org
bgp:
- mirror-accumu.debian.org
- mirror-skroutz.debian.org
bgp:
- mirror-accumu.debian.org
- mirror-skroutz.debian.org
- apache_prefork:
- # php needs this
- - quantz.debian.org
- - tchaikovsky.debian.org
- - wuiet.debian.org
postgresql_server:
# postgresql instances not managed by puppet otherwise
- bmdb1.debian.org
postgresql_server:
# postgresql instances not managed by puppet otherwise
- bmdb1.debian.org
@@
-201,18
+184,6
@@
roles:
- seger.debian.org
- snapshotdb-manda-01.debian.org
- vittoria.debian.org
- seger.debian.org
- snapshotdb-manda-01.debian.org
- vittoria.debian.org
- apache_ratelimited:
- - beach.debian.org
- - buxtehude.debian.org
- - lw07.debian.org
- - picconi.debian.org
- - pkgmirror-csail.debian.org
- - sallinen.debian.org
- snapshot_web:
- - lw07.debian.org
- - sallinen.debian.org
- snapshot_shell:
- - lw08.debian.org
classes:
- base::includes
classes:
- base::includes