projects
/
mirror
/
dsa-puppet.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
move loghost from a "role" in hieradata/common.yaml to a role that is included via...
[mirror/dsa-puppet.git]
/
modules
/
roles
/
manifests
/
init.pp
diff --git
a/modules/roles/manifests/init.pp
b/modules/roles/manifests/init.pp
index
efde596
..
4cae49c
100644
(file)
--- a/
modules/roles/manifests/init.pp
+++ b/
modules/roles/manifests/init.pp
@@
-17,11
+17,7
@@
class roles {
}
if has_role('nagiosmaster') {
}
if has_role('nagiosmaster') {
- # include nagios::server
- ssl::service { 'nagios.debian.org':
- notify => Exec['service apache2 reload'],
- key => true,
- }
+ include nagios::server
}
# XXX: turn this into a real role
}
# XXX: turn this into a real role
@@
-43,8
+39,13
@@
class roles {
notify => Exec['service apache2 reload'],
key => true,
}
notify => Exec['service apache2 reload'],
key => true,
}
+ @ferm::rule { 'dsa-bugs-abusers':
+ prio => "005",
+ rule => "saddr (220.243.135/24 220.243.136/24) DROP",
+ }
}
if has_role('bugs_master') {
}
if has_role('bugs_master') {
+ ssl::service { 'bugs-devel.debian.org': notify => Exec['service apache2 reload'], key => true, }
ssl::service { 'bugs-master.debian.org': notify => Exec['service apache2 reload'], key => true, }
}
ssl::service { 'bugs-master.debian.org': notify => Exec['service apache2 reload'], key => true, }
}
@@
-70,12
+71,6
@@
class roles {
if has_role('debian_mirror') {
include roles::debian_mirror
}
if has_role('debian_mirror') {
include roles::debian_mirror
}
- if has_role('ftp.d.o') {
- vsftpd::site { 'ftp':
- ensure => absent,
- root => '/nonexistent',
- }
- }
if has_role('ftp_master') {
include roles::ftp_master
include roles::dakmaster
if has_role('ftp_master') {
include roles::ftp_master
include roles::dakmaster
@@
-102,8
+97,7
@@
class roles {
include roles::security_master
include roles::dakmaster
}
include roles::security_master
include roles::dakmaster
}
- $zz = has_role('security_mirror')
- notice("Has security mirror role? '${zz}'")
+
if has_role('security_mirror') {
include roles::security_mirror
}
if has_role('security_mirror') {
include roles::security_mirror
}
@@
-167,6
+161,10
@@
class roles {
include named::primary
}
include named::primary
}
+ if has_role('dns_geo') {
+ include named::geodns
+ }
+
if has_role('weblog_destination') {
include roles::weblog_destination
}
if has_role('weblog_destination') {
include roles::weblog_destination
}
@@
-284,15
+282,23
@@
class roles {
include roles::dgit_git
}
include roles::dgit_git
}
- if $::hostname in [lw01, lw02, lw03, lw04] {
+ if $::hostname in [lw01, lw02, lw03, lw04
, lw09, lw10
] {
include roles::snapshot
}
include roles::snapshot
}
+ if has_role('snapshot_web') {
+ include roles::snapshot_web
+ }
+
+ if has_role('snapshot_shell') {
+ include roles::snapshot_shell
+ }
+
if has_role('veyepar.debian.org') {
if has_role('veyepar.debian.org') {
- ssl::service { 'veyepar.debian.org': notify => Exec['service apache2 reload'], key => true, }
+ include roles::veyepar
}
if has_role('sreview.debian.org') {
}
if has_role('sreview.debian.org') {
- ssl::service { 'sreview.debian.net': notify => Exec['service apache2 reload'], key => true, }
+ include roles::sreview
}
if has_role('debtags') {
}
if has_role('debtags') {
@@
-377,4
+383,15
@@
class roles {
if has_role('debconf_wafer') {
include roles::debconf_wafer
}
if has_role('debconf_wafer') {
include roles::debconf_wafer
}
+
+ if has_role('cdbuilder_local_mirror') {
+ include roles::cdbuilder_local_mirror
+ }
+
+ if has_role('alioth_archive') {
+ include roles::alioth_archive
+ }
+ if has_role('anonscm') {
+ include roles::anonscm
+ }
}
}