projects / mirror / dsa-puppet.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
insecure_ssl "role" -> ssl class parameter
[mirror/dsa-puppet.git] / hieradata / common.yaml
diff --git a/hieradata/common.yaml b/hieradata/common.yaml
index 9a43b82..24069f1 100644 (file)
--- a/hieradata/common.yaml
+++ b/hieradata/common.yaml
@@ -1,7 +1,14 @@
 ---
-nameservers: []
-searchpaths: []
-resolvoptions: []
+
+lookup_options:
+  # with merge: unique entries in other hiera sources add to the array
+  resolv::searchpaths:
+    merge: unique
+  apt::sources::debian::location:
+    merge: unique
+
+resolv::nameservers: []
+resolv::searchpaths: ['debian.org']
 allow_dns_query: []
 role_config__mirrors:
   mirror_basedir_prefix: '/srv/mirrors/'
@@ -18,6 +25,13 @@ paths:
   letsencrypt_dir: '/srv/puppet.debian.org/from-letsencrypt'
   auto_certs_dir: '/srv/puppet.debian.org/ca/RESULT/certs'
   auto_clientcerts_dir: '/srv/puppet.debian.org/ca/RESULT/clientcerts'
+apt::sources::debian::location: 'https://deb.debian.org/debian/'
+
+staticsync::user: 'staticsync'
+staticsync::basedir: '/srv/static.debian.org'
+
+# all of these should be retired in favour of including the class role
+# with the host. weasel, 2019-09
 roles:
   bugsmx:
     - buxtehude.debian.org
@@ -28,8 +42,6 @@ roles:
   bugs_base:
     - buxtehude.debian.org
     - beach.debian.org
-  buildd_master:
-    - wuiet.debian.org
   contributors:
     - nono.debian.org
   dbmaster:
@@ -59,8 +71,6 @@ roles:
     - adayevskaya.debian.org
   historicalpackages:
     - hier.debian.org
-  jenkins:
-    - jerea.debian.org
   keyring:
     - kaufmann.debian.org
   lists:
@@ -98,8 +108,6 @@ roles:
   pubsub:
     - rainier.debian.org
     - rapoport.debian.org
-  puppetmaster:
-    - handel.debian.org
   qamaster:
     - quantz.debian.org
   rtmaster:
@@ -110,16 +118,11 @@ roles:
     - wolkenstein.debian.org
   search_frontend:
     - cgi-grnet-01.debian.org
-  archvsync_base_additional:
-  # this is usually pulled in by *-mirror or syncproxy roles
-    - dummy
   security_master:
     - seger.debian.org
   security_mirror:
     mirror-anu.debian.org:
       fastly-backend: false
-    mirror-conova.debian.org:
-      fastly-backend: false
     mirror-csail.debian.org:
       fastly-backend: false
     mirror-isc.debian.org:
@@ -172,50 +175,20 @@ roles:
     - tate.debian.org
     - ticharich.debian.org
     - wilder.debian.org
-  static_master:
-    - dillon.debian.org
-    - fasolo.debian.org
-    - porta.debian.org
-    - static-master-grnet-01.debian.org
-  static_mirror:
-    - klecker.debian.org
-    - mirror-anu.debian.org
-    - mirror-csail.debian.org
-    - mirror-isc.debian.org
-    - senfter.debian.org
-    - santoro.debian.org
+    - wuiet.debian.org
   static_mirror_onion:
     - klecker.debian.org
     - mirror-isc.debian.org
     - senfter.debian.org
-  # when adding a new static mirror, allow it to sync etc, but do not push to it and wait for it.  For this, also add it to static_mirror_nopush.
-  static_mirror_nopush:
-    - dummy
-  static_source:
-    - boott.debian.org
-    - casulana.debian.org
-    - coccia.debian.org
-    - dillon.debian.org
-    - donizetti.debian.org
-    - fasolo.debian.org
-    - lindsay.debian.org
-    - manziarly.debian.org
-    - mekeel.debian.org
-    - melartin.debian.org
-    - porta.debian.org
-    - philp.debian.org
-    - respighi.debian.org
-    - wolkenstein.debian.org
-    - wuiet.debian.org
   syncproxy:
     - gretchaninov.debian.org
     - klecker.debian.org
     - milanollo.debian.org
     - mirror-anu.debian.org
-    - mirror-conova.debian.org
     - mirror-isc.debian.org
     - mirror-umn.debian.org
     - schmelzer.debian.org
+    - smit.debian.org
   tracker:
     - ticharich.debian.org
   udd:
@@ -249,10 +222,6 @@ roles:
     - lw03.debian.org
   gobby_debian_org:
     - gombert.debian.org
-  veyepar.debian.org:
-    - vittoria.debian.org
-  sreview.debian.org:
-    - vittoria.debian.org
   debian_mirror:
     klecker.debian.org:
       listen-addresses:
@@ -265,42 +234,37 @@ roles:
     mirror-skroutz.debian.org:
       service-hostname: skroutz.debian.backend.mirrors.debian.org
       fastly-backend: true
-    mirror-conova.debian.org:
-      service-hostname: conova.debian.backend.mirrors.debian.org
-      listen-addresses:
-        - '217.196.149.232:80'
-        - '[2a02:16a8:dc41:100::232]:80'
-      fastly-backend: true
     mirror-isc.debian.org:
       listen-addresses:
         - '149.20.4.15:80'
         - '[2001:4f8:1:c::15]:80'
       onion_v4_address: 149.20.4.15
     schmelzer.debian.org:
+      listen-addresses:
+        - '217.196.149.232:80'
+        - '[2a02:16a8:dc41:100::232]:80'
+      fastly-backend: true
       service-hostname: conova.debian.backend.mirrors.debian.org
   historical_master:
     - sibelius.debian.org
   historical_mirror:
     - gretchaninov.debian.org
     - klecker.debian.org
-    - mirror-conova.debian.org
     - schmelzer.debian.org
     - sibelius.debian.org
   debug_mirror:
-    mirror-conova.debian.org:
+    mirror-accumu.debian.org:
+      onion_v4_address: 130.242.6.199
+      service-hostname: accumu.debug.backend.mirrors.debian.org
+    schmelzer.debian.org:
       listen-addresses:
         - '217.196.149.232:80'
         - '[2a02:16a8:dc41:100::232]:80'
       onion_v4_address: 217.196.149.232
       service-hostname: conova.debug.backend.mirrors.debian.org
-    mirror-accumu.debian.org:
-      onion_v4_address: 130.242.6.199
-      service-hostname: accumu.debug.backend.mirrors.debian.org
-    schmezler.debian.org:
-      service-hostname: conova.debug.backend.mirrors.debian.org
   debug_mirror_onion:
     - mirror-accumu.debian.org
-    - mirror-conova.debian.org
+    - schmelzer.debian.org
   ports_mirror:
     - klecker.debian.org
     - mirror-isc.debian.org
@@ -324,7 +288,6 @@ roles:
   onionbalance:
     - olin.debian.org
   bgp:
-    - mirror-conova.debian.org
     - mirror-accumu.debian.org
     - mirror-skroutz.debian.org
   cdimage-search:
@@ -340,21 +303,14 @@ roles:
     - buxtehude.debian.org
     - danzi.debian.org
     - fasolo.debian.org
+    - lw07.debian.org
     - melartin.debian.org
     - sallinen.debian.org
     - seger.debian.org
-    - sibelius.debian.org
+    - snapshotdb-manda-01.debian.org
     - vittoria.debian.org
-  salsa.debian.org:
-    - godard.debian.org
-  insecure_ssl:
-    - debussy.debian.org
-    - godard.debian.org
   debsources:
     - sor.debian.org
-  ipsec:
-    - fasolo.debian.org
-    - storace.debian.org
   debconf_wafer:
     - debussy.debian.org
   apache_not_public:
@@ -370,10 +326,11 @@ roles:
     - sallinen.debian.org
   cdbuilder_local_mirror:
     - casulana.debian.org
-  alioth_archive:
-    - grabbe.debian.org
   snapshot_web:
     - lw07.debian.org
     - sallinen.debian.org
-  anonscm:
-    - cgi-grnet-01.debian.org
+  snapshot_shell:
+    - lw08.debian.org
+
+classes:
+  - base::includes
Unnamed repository; edit this file 'description' to name the repository.