---
-nameservers: []
-searchpaths: []
-resolvoptions: []
+
+lookup_options:
+ # with merge: unique entries in other hiera sources add to the array
+ resolv::searchpaths:
+ merge: unique
+ apt::sources::debian::location:
+ merge: unique
+
+resolv::nameservers: []
+resolv::searchpaths: ['debian.org']
allow_dns_query: []
+role_config__mirrors:
+ mirror_basedir_prefix: '/srv/mirrors/'
+role_config__syncproxy:
+ mirror_basedir_prefix: '/srv/mirrors/'
+samhain_recipients:
+ - 'debian-archive-debian-samhain-reports@master.debian.org'
+ - 'debian-admin@ftbfs.de'
+ - 'weasel@debian.org'
+ - 'zumbi@oron.es'
+root_mail_alias:
+ - 'debian-admin@debian.org'
+paths:
+ letsencrypt_dir: '/srv/puppet.debian.org/from-letsencrypt'
+ auto_certs_dir: '/srv/puppet.debian.org/ca/RESULT/certs'
+ auto_clientcerts_dir: '/srv/puppet.debian.org/ca/RESULT/clientcerts'
+apt::sources::debian::location: 'https://deb.debian.org/debian/'
+
+staticsync::user: 'staticsync'
+staticsync::basedir: '/srv/static.debian.org'
+
+# all of these should be retired in favour of including the class role
+# with the host. weasel, 2019-09
roles:
bugsmx:
- buxtehude.debian.org
- bugs_master:
- - buxtehude.debian.org
- bugs_mirror:
- - beach.debian.org
- bugs_base:
- - buxtehude.debian.org
- - beach.debian.org
- buildd_master:
- - wuiet.debian.org
- contributors:
- - nono.debian.org
- dbmaster:
- - draghi.debian.org
- debtags:
- - tate.debian.org
dns_primary:
- denis.debian.org
dns_geo:
- geo3.debian.org
extranrpeclient:
- denis.debian.org
- ftp.d.o:
- # also see debian_mirror
- - klecker.debian.org
ftp_master:
- fasolo.debian.org
- ftp.upload.d.o:
- - coccia.debian.org
- - usper.debian.org
- api.ftp-master:
- - coccia.debian.org
- dgit_browse:
- - cgi-grnet-01.debian.org
- dgit_git:
- - cgi-grnet-01.debian.org
- git_master:
- - adayevskaya.debian.org
- httpredir:
- - httpredir-bm-01.debian.org
- - httpredir-csail-01.debian.org
- jenkins:
- - jerea.debian.org
- keyring:
- - kaufmann.debian.org
- keystone_rabbitmq:
- - rainier.debian.org
- - rapoport.debian.org
- lists:
- - bendel.debian.org
- list_search:
- - stockhausen.debian.org
mailrelay:
- mailly.debian.org
- muffat.debian.org
- manpages-dyn:
- - manziarly.debian.org
- - cgi-grnet-01.debian.org
+ mirrormaster:
+ - melartin.debian.org
muninmaster:
- menotti.debian.org
nagiosmaster:
- tchaikovsky.debian.org
- nm:
- - nono.debian.org
- packages:
- - picconi.debian.org
- - pkgmirror-csail.debian.org
packagesmaster:
- picconi.debian.org
packagesqamaster:
- quantz.debian.org
- people:
- - paradis.debian.org
- piuparts:
- - pejacevic.debian.org
popcon:
- pinel.debian.org
- pubsub:
- - rainier.debian.org
- - rapoport.debian.org
- puppetmaster:
- - handel.debian.org
qamaster:
- quantz.debian.org
rtmaster:
- reger.debian.org
- rtc:
- - vogler.debian.org
- search_backend:
- - wolkenstein.debian.org
- search_frontend:
- - cgi-grnet-01.debian.org
- archvsync_base_additional:
- # this is usually pulled in by *-mirror or syncproxy roles
- - dummy
security_master:
- seger.debian.org
security_mirror:
- - mirror-anu.debian.org
- - mirror-bytemark.debian.org
- - mirror-conova.debian.org
- - mirror-csail.debian.org
- - mirror-isc.debian.org
- - mirror-umn.debian.org
- - lobos.debian.org
- - santoro.debian.org
- - setoguchi.debian.org
- - sechter.debian.org
- - villa.debian.org
- - wieck.debian.org
- security_mirror_onion:
- - mirror-isc.debian.org
- - mirror-umn.debian.org
- - lobos.debian.org
- - villa.debian.org
- security_mirror_no_ftp:
- # hosts that are not part of security.debian.org but
- # only participiate in the anycast do not need ftp
- - mirror-bytemark.debian.org
+ mirror-anu.debian.org:
+ fastly-backend: false
+ mirror-csail.debian.org:
+ fastly-backend: false
+ mirror-isc.debian.org:
+ onion_v4_address: 149.20.4.14
+ mirror-umn.debian.org:
+ onion_v4_address: 128.101.240.215
+ mirror-accumu.debian.org:
+ fastly-backend: false
+ mirror-skroutz.debian.org:
+ fastly-backend: false
+ lobos.debian.org:
+ service-hostname: lobos.security.backend.mirrors.debian.org
+ fastly-backend: false
+ onion_v4_address: 212.211.132.250
+ santoro.debian.org:
+ fastly-backend: false
+ schmelzer.debian.org:
+ fastly-backend: false
+ schumann.debian.org:
+ service-hostname: schumann.security.backend.mirrors.debian.org
+ fastly-backend: true
+ setoguchi.debian.org:
+ fastly-backend: false
+ sechter.debian.org:
+ fastly-backend: false
+ villa.debian.org:
+ service-hostname: villa.security.backend.mirrors.debian.org
+ fastly-backend: true
+ onion_v4_address: 212.211.132.32
+ wieck.debian.org:
+ service-hostname: wieck.security.backend.mirrors.debian.org
+ fastly-backend: true
security_tracker:
- soriano.debian.org
- ssh.upload.d.o:
- - coccia.debian.org
- - usper.debian.org
- sso:
- - diabelli.debian.org
# single sign on relying party (host) - also required apache2 module enabled on that host via other means
sso_rp:
+ - debussy.debian.org
- diabelli.debian.org
- jerea.debian.org
- nono.debian.org
- tate.debian.org
- ticharich.debian.org
- wilder.debian.org
- static_master:
- - dillon.debian.org
- - fasolo.debian.org
- - porta.debian.org
- static_mirror:
- - busoni.debian.org
- - klecker.debian.org
- - mirror-anu.debian.org
- - mirror-csail.debian.org
- - mirror-isc.debian.org
- - senfter.debian.org
- - santoro.debian.org
+ - wuiet.debian.org
static_mirror_onion:
- - busoni.debian.org
- klecker.debian.org
- mirror-isc.debian.org
- senfter.debian.org
- # when adding a new static mirror, allow it to sync etc, but do not push to it and wait for it. For this, also add it to static_mirror_nopush.
- static_mirror_nopush:
- - dummy
- static_source:
- - boott.debian.org
- - coccia.debian.org
- - dillon.debian.org
- - donizetti.debian.org
- - fasolo.debian.org
- - lindsay.debian.org
- - manziarly.debian.org
- - mekeel.debian.org
- - melartin.debian.org
- - porta.debian.org
- - philp.debian.org
- - respighi.debian.org
- - wolkenstein.debian.org
- - wuiet.debian.org
syncproxy:
- gretchaninov.debian.org
- klecker.debian.org
- mirror-anu.debian.org
- mirror-isc.debian.org
- mirror-umn.debian.org
- tracker:
- - ticharich.debian.org
+ - schmelzer.debian.org
+ - smit.debian.org
udd:
- ullmann.debian.org
- vote:
- - vento.debian.org
- weblog_destination:
- - wolkenstein.debian.org
- weblog_provider:
- - busoni.debian.org
- - klecker.debian.org
- - mirror-anu.debian.org
- - mirror-csail.debian.org
- - mirror-isc.debian.org
- - mirror-umn.debian.org
- - santoro.debian.org
- - senfter.debian.org
- wiki:
- - wilder.debian.org
- www_master:
- - wolkenstein.debian.org
- cgi.d.o:
- - wolkenstein.debian.org
postgres_backup_server:
- backuphost.debian.org
- storace.debian.org
dabackup_client:
- - moszumanska.debian.org
- lw03.debian.org
- gobby_debian_org:
- - gombert.debian.org
- veyepar.debian.org:
- - vittoria.debian.org
- sreview.debian.org:
- - vittoria.debian.org
debian_mirror:
- - klecker.debian.org
- - mirror-bytemark.debian.org
- - mirror-accumu.debian.org
- - mirror-conova.debian.org
- - mirror-isc.debian.org
- debian_mirror_onion:
- - klecker.debian.org
- - mirror-bytemark.debian.org
- - mirror-isc.debian.org
+ klecker.debian.org:
+ listen-addresses:
+ - '130.89.148.12:80'
+ - '[2001:67c:2564:a119::148:12]:80'
+ onion_v4_address: 130.89.148.12
+ mirror-accumu.debian.org:
+ service-hostname: accumu.debian.backend.mirrors.debian.org
+ fastly-backend: true
+ mirror-skroutz.debian.org:
+ service-hostname: skroutz.debian.backend.mirrors.debian.org
+ fastly-backend: true
+ mirror-isc.debian.org:
+ listen-addresses:
+ - '149.20.4.15:80'
+ - '[2001:4f8:1:c::15]:80'
+ onion_v4_address: 149.20.4.15
+ schmelzer.debian.org:
+ listen-addresses:
+ - '217.196.149.232:80'
+ - '[2a02:16a8:dc41:100::232]:80'
+ fastly-backend: true
+ service-hostname: conova.debian.backend.mirrors.debian.org
historical_master:
- sibelius.debian.org
historical_mirror:
- gretchaninov.debian.org
- klecker.debian.org
- - mirror-conova.debian.org
+ - schmelzer.debian.org
- sibelius.debian.org
debug_mirror:
- - klecker.debian.org
- - mirror-conova.debian.org
- - mirror-isc.debian.org
+ mirror-accumu.debian.org:
+ onion_v4_address: 130.242.6.199
+ service-hostname: accumu.debug.backend.mirrors.debian.org
+ schmelzer.debian.org:
+ listen-addresses:
+ - '217.196.149.232:80'
+ - '[2a02:16a8:dc41:100::232]:80'
+ onion_v4_address: 217.196.149.232
+ service-hostname: conova.debug.backend.mirrors.debian.org
debug_mirror_onion:
- - klecker.debian.org
- - mirror-isc.debian.org
- ports_mirror:
- - klecker.debian.org
- - mirror-isc.debian.org
- ports_mirror_onion:
- - klecker.debian.org
- - mirror-isc.debian.org
- planet_search:
- - philp.debian.org
- i18n.d.o:
- - tye.debian.org
- l10n.d.o:
- - tye.debian.org
- dedup.d.n:
- - delfin.debian.org
- pet.d.n:
- - petrova.debian.org
+ - mirror-accumu.debian.org
+ - schmelzer.debian.org
ports_master:
- porta.debian.org
onionbalance:
- olin.debian.org
- experimental_apache:
- - beach.debian.org
- - busoni.debian.org
- - cgi-grnet-01.debian.org
- - coccia.debian.org
- - draghi.debian.org
- - klecker.debian.org
- - lobos.debian.org
- - manziarly.debian.org
- - milanollo.debian.org
- - mirror-anu.debian.org
- - mirror-bytemark.debian.org
- - mirror-conova.debian.org
- - mirror-csail.debian.org
- - mirror-isc.debian.org
- - mirror-umn.debian.org
- - pejacevic.debian.org
- - petrova.debian.org
- - philp.debian.org
- - picconi.debian.org
- - pkgmirror-csail.debian.org
- - santoro.debian.org
- - sechter.debian.org
- - senfter.debian.org
- - setoguchi.debian.org
- - ticharich.debian.org
- - villa.debian.org
- - wieck.debian.org
bgp:
- - mirror-bytemark.debian.org
- - mirror-conova.debian.org
- cdimage-search:
- - cgi-grnet-01.debian.org
+ - mirror-accumu.debian.org
+ - mirror-skroutz.debian.org
apache_prefork:
# php needs this
- quantz.debian.org
- tchaikovsky.debian.org
- wuiet.debian.org
+ postgresql_server:
+ # postgresql instances not managed by puppet otherwise
+ - bmdb1.debian.org
+ - buxtehude.debian.org
+ - danzi.debian.org
+ - fasolo.debian.org
+ - lw07.debian.org
+ - melartin.debian.org
+ - sallinen.debian.org
+ - seger.debian.org
+ - snapshotdb-manda-01.debian.org
+ - vittoria.debian.org
+ apache_ratelimited:
+ - beach.debian.org
+ - buxtehude.debian.org
+ - lw07.debian.org
+ - picconi.debian.org
+ - pkgmirror-csail.debian.org
+ - sallinen.debian.org
+ snapshot_web:
+ - lw07.debian.org
+ - sallinen.debian.org
+ snapshot_shell:
+ - lw08.debian.org
+
+classes:
+ - base::includes
projects / mirror / dsa-puppet.git / blobdiff