+ if has_role('security_mirror_no_ftp') {
+ vsftpd::site { 'security':
+ ensure => absent,
+ root => '/nonexistent',
+ }
+ } else {
+ vsftpd::site { 'security':
+ banner => 'security.debian.org FTP server (vsftpd)',
+ logfile => '/var/log/ftp/vsftpd-security.debian.org.log',
+ max_clients => 200,
+ root => '/srv/ftp.root/',
+ binds => $binds,
+ }
+ }
+
+ rsync::site { 'security':
+ source => 'puppet:///modules/roles/security_mirror/rsyncd.conf',
+ max_clients => 100,
+ binds => $binds,
+ }
+
+ $onion_v4_addr = $::hostname ? {
+ mirror-anu => '150.203.164.61',
+ mirror-isc => '149.20.4.14',
+ mirror-umn => '128.101.240.215',
+ villa => '212.211.132.32',
+ lobos => '212.211.132.250',
+ default => undef,
+ }
+ if has_role('security_mirror_onion') {
+ if ! $onion_v4_addr {
+ fail("Do not have an onion_v4_addr set for $::hostname.")
+ }
+
+ onion::service { 'security.debian.org':
+ port => 80,
+ target_port => 80,
+ target_address => $onion_v4_addr,
+ }
+ }