---
-searchpaths: []
-resolvoptions: []
-cluster: ''
+
+lookup_options:
+ # with merge: unique entries in other hiera sources add to the array
+ resolv::searchpaths:
+ merge: unique
+ apt::sources::debian::location:
+ merge: unique
+
+# class parameters
+resolv::nameservers: []
+resolv::searchpaths: ['debian.org']
+staticsync::user: 'staticsync'
+staticsync::basedir: '/srv/static.debian.org'
+
+roles::dns_primary::allow_access:
+ # easydns
+ - '64.68.200.91'
+ - '205.210.42.80'
+ # rcode0
+ - '83.136.34.0/27'
+ - '2a02:850:8::/47'
+ # netnod
+ - '192.71.80.0/24'
+ - '192.36.144.222'
+ - '192.36.144.218'
+ - '194.146.105.24'
+ - '194.146.105.25'
+ - '2a01:3f0:0:27::24'
+ - '2a01:3f0:0:28::25'
+
+# other variables
+allow_dns_query: []
+role_config__mirrors:
+ mirror_basedir_prefix: '/srv/mirrors/'
+role_config__syncproxy:
+ mirror_basedir_prefix: '/srv/mirrors/'
+samhain_recipients:
+ - 'debian-archive-debian-samhain-reports@master.debian.org'
+ - 'debian-admin@ftbfs.de'
+ - 'weasel@debian.org'
+ - 'zumbi@oron.es'
+root_mail_alias:
+ - 'debian-admin@debian.org'
+paths:
+ letsencrypt_dir: '/srv/puppet.debian.org/from-letsencrypt'
+ auto_certs_dir: '/srv/puppet.debian.org/ca/RESULT/certs'
+ auto_clientcerts_dir: '/srv/puppet.debian.org/ca/RESULT/clientcerts'
+apt::sources::debian::location: 'https://deb.debian.org/debian/'
+
+
+# all of these should be retired in favour of including the class role
+# with the host. weasel, 2019-09
+roles:
+ ftp_master:
+ # XXX - used by ferm templates/defs.conf.erb
+ - fasolo.debian.org
+ mailrelay:
+ # XXX - ONLY used by ferm templates/defs.conf.erb
+ - mailly.debian.org
+ - muffat.debian.org
+ muninmaster:
+ # XXX - used by ferm templates/defs.conf.erb
+ - menotti.debian.org
+ nagiosmaster:
+ # XXX - used by ferm templates/defs.conf.erb
+ - tchaikovsky.debian.org
+ security_master:
+ # XXX - used by ferm templates/defs.conf.erb
+ - seger.debian.org
+ security_mirror:
+ # XXX used also in ferm me.conf.erb
+ mirror-anu.debian.org:
+ fastly-backend: false
+ mirror-csail.debian.org:
+ fastly-backend: false
+ mirror-isc.debian.org:
+ onion_v4_address: 149.20.4.14
+ mirror-umn.debian.org:
+ onion_v4_address: 128.101.240.215
+ mirror-accumu.debian.org:
+ fastly-backend: false
+ mirror-skroutz.debian.org:
+ fastly-backend: false
+ lobos.debian.org:
+ service-hostname: lobos.security.backend.mirrors.debian.org
+ fastly-backend: false
+ onion_v4_address: 212.211.132.250
+ santoro.debian.org:
+ fastly-backend: false
+ schmelzer.debian.org:
+ fastly-backend: false
+ schumann.debian.org:
+ service-hostname: schumann.security.backend.mirrors.debian.org
+ fastly-backend: true
+ setoguchi.debian.org:
+ fastly-backend: false
+ sechter.debian.org:
+ fastly-backend: false
+ villa.debian.org:
+ service-hostname: villa.security.backend.mirrors.debian.org
+ fastly-backend: true
+ onion_v4_address: 212.211.132.32
+ wieck.debian.org:
+ service-hostname: wieck.security.backend.mirrors.debian.org
+ fastly-backend: true
+ postgres_backup_server:
+ # XXX - used by ferm templates/defs.conf.erb
+ - backuphost.debian.org
+ - storace.debian.org
+ debian_mirror:
+ # XXX used also in ferm me.conf.erb
+ klecker.debian.org:
+ listen-addresses:
+ - '130.89.148.12:80'
+ - '[2001:67c:2564:a119::148:12]:80'
+ onion_v4_address: 130.89.148.12
+ new-klecker.debian.org: {}
+ mirror-accumu.debian.org:
+ service-hostname: accumu.debian.backend.mirrors.debian.org
+ fastly-backend: true
+ mirror-skroutz.debian.org:
+ service-hostname: skroutz.debian.backend.mirrors.debian.org
+ fastly-backend: true
+ mirror-isc.debian.org:
+ listen-addresses:
+ - '149.20.4.15:80'
+ - '[2001:4f8:1:c::15]:80'
+ onion_v4_address: 149.20.4.15
+ schmelzer.debian.org:
+ listen-addresses:
+ - '217.196.149.232:80'
+ - '[2a02:16a8:dc41:100::232]:80'
+ fastly-backend: true
+ service-hostname: conova.debian.backend.mirrors.debian.org
+ historical_master:
+ # XXX - used by ferm templates/defs.conf.erb
+ - sibelius.debian.org
+ historical_mirror:
+ # XXX used also in ferm me.conf.erb
+ - gretchaninov.debian.org
+ - klecker.debian.org
+ - schmelzer.debian.org
+ - sibelius.debian.org
+ debug_mirror:
+ # XXX used also in ferm me.conf.erb
+ mirror-accumu.debian.org:
+ onion_v4_address: 130.242.6.199
+ service-hostname: accumu.debug.backend.mirrors.debian.org
+ schmelzer.debian.org:
+ listen-addresses:
+ - '217.196.149.232:80'
+ - '[2a02:16a8:dc41:100::232]:80'
+ onion_v4_address: 217.196.149.232
+ service-hostname: conova.debug.backend.mirrors.debian.org
+ debug_mirror_onion:
+ - mirror-accumu.debian.org
+ - schmelzer.debian.org
+ ports_master:
+ # XXX - used by ferm templates/defs.conf.erb
+ - porta.debian.org
+ bgp:
+ - mirror-accumu.debian.org
+ - mirror-skroutz.debian.org
+ postgresql_server:
+ # postgresql instances not managed by puppet otherwise
+ - bmdb1.debian.org
+ - buxtehude.debian.org
+ - danzi.debian.org
+ - fasolo.debian.org
+ - lw07.debian.org
+ - melartin.debian.org
+ - postgresql-manda-01.debian.org
+ - sallinen.debian.org
+ - seger.debian.org
+ - snapshotdb-manda-01.debian.org
+ - vittoria.debian.org
+
+classes:
+ - base::includes
projects / mirror / dsa-puppet.git / blobdiff