projects
/
mirror
/
dsa-puppet.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Publish security mirror health on _health
[mirror/dsa-puppet.git]
/
modules
/
roles
/
templates
/
security_mirror
/
security.debian.org.erb
diff --git
a/modules/roles/templates/security_mirror/security.debian.org.erb
b/modules/roles/templates/security_mirror/security.debian.org.erb
index
d4be2a4
..
ec73f2c
100644
(file)
--- a/
modules/roles/templates/security_mirror/security.debian.org.erb
+++ b/
modules/roles/templates/security_mirror/security.debian.org.erb
@@
-3,14
+3,6
@@
## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
##
## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
##
-<Directory /srv/ftp.root/debian-security>
- IndexOptions NameWidth=* +SuppressDescription
- Options +FollowSymLinks
- Options +Indexes
- FileETag MTime Size
- Require all granted
-</Directory>
-
<VirtualHost *:80>
ServerAdmin debian-admin@debian.org
DocumentRoot /srv/ftp.root/debian-security
<VirtualHost *:80>
ServerAdmin debian-admin@debian.org
DocumentRoot /srv/ftp.root/debian-security
@@
-28,6
+20,9
@@
<% if scope.function_onion_global_service_hostname(['security.debian.org']) -%>
ServerAlias <%= scope.function_onion_global_service_hostname(['security.debian.org']) %>
<% end %>
<% if scope.function_onion_global_service_hostname(['security.debian.org']) -%>
ServerAlias <%= scope.function_onion_global_service_hostname(['security.debian.org']) %>
<% end %>
+ ServerAlias security.backend.mirrors.debian.org
+ ServerAlias *.security.backend.mirrors.debian.org
+ ServerAlias security.anycast-test.mirrors.debian.org
ExpiresActive On
ExpiresActive On
@@
-36,20
+31,29
@@
Alias /debian-security /srv/ftp.root/debian-security
Use ftp-archive /srv/ftp.root/debian-security
Alias /debian-security /srv/ftp.root/debian-security
Use ftp-archive /srv/ftp.root/debian-security
+ Alias /_health /run/dsa-mirror-health-ftp/health
+ <Directory /run/dsa-mirror-health-ftp/>
+ Require all granted
+ </Directory>
+
RewriteEngine on
RewriteEngine on
- RewriteRule ^/$ http://www.debian.org/security/
+ RewriteRule ^/$ http
s
://www.debian.org/security/
RewriteCond %{HTTP:Fastly-Client-IP} !. [NV]
RewriteCond %{HTTP:Fastly-Client-IP} !. [NV]
+ RewriteCond %{HTTP_USER_AGENT} "!Amazon CloudFront"
+ <% if scope.function_onion_global_service_hostname(['security.debian.org']) -%>
+ RewriteCond %{HTTP_HOST} "!=<%= scope.function_onion_global_service_hostname(['security.debian.org']) %>"
+ <% end %>
RewriteRule ^/(pool/updates/main/l/linux/.*) http://security-cdn.debian.org/$1 [L,R=302]
RewriteCond %{HTTP:Fastly-Client-IP} !. [NV]
RewriteRule ^/(pool/updates/main/l/linux/.*) http://security-cdn.debian.org/$1 [L,R=302]
RewriteCond %{HTTP:Fastly-Client-IP} !. [NV]
+ RewriteCond %{HTTP_USER_AGENT} "!Amazon CloudFront"
+ <% if scope.function_onion_global_service_hostname(['security.debian.org']) -%>
+ RewriteCond %{HTTP_HOST} "!=<%= scope.function_onion_global_service_hostname(['security.debian.org']) %>"
+ <% end %>
RewriteRule ^/debian-security/(pool/updates/main/l/linux/.*) http://security-cdn.debian.org/$1 [L,R=302]
RewriteRule ^/debian-security/(pool/updates/main/l/linux/.*) http://security-cdn.debian.org/$1 [L,R=302]
- # Possible values include: debug, info, notice, warn, error, crit,
- # alert, emerg.
- LogLevel warn
-
CustomLog /var/log/apache2/security.debian.org-access.log privacy
ServerSignature On
</VirtualHost>
CustomLog /var/log/apache2/security.debian.org-access.log privacy
ServerSignature On
</VirtualHost>
-# vim:
set ts=3 sw=3 et
:
+# vim:
set syn=apache
: