* Give sudo to run the right {{{static-update-component}}} to the appropriate group:
{{{
- /usr/sbin/visudo -f dsa-puppet/modules/sudo/files/sudoer
+ /usr/sbin/visudo -f dsa-puppet/modules/sudo/files/sudoers
}}}
and add something like
{{{
* Add the vhost config on mirrors:
** vi {{{dsa-puppet/modules/roles/templates/static-mirroring/vhost/static-vhosts-simple.erb}}}
and add
-{{{
- vhost(lines, "debaday.debian.net" , :ssl => true)
-}}}
+<pre>
+ vhost(lines, "debaday.debian.net" , :ssl => true
+</pre>
+and
+<pre>
+ onion::service { 'debaday.debian.net' : ensure => 'ifstatic', port => 80, target_port => 80, target_address => $onion_addr }
+</pre>
** In {{{dsa-puppet/modules/roles/manifests/static_mirror_web.pp}}}, add:
{{{
ssl::service { 'debaday.debian.net' : ensure => 'ifstatic', notify => Exec['service apache2 reload'], key => true, }
}}}
-* run puppet on the master, the source, and all the mirrors. Check {{{dsa-puppet/nodes/*.yaml}}}.
+* run puppet on the master, the source, and all the mirrors. Check {{{dsa-puppet/data/nodes/*.yaml}}}.
== Adding a mirror
Note: This might temporarily break apache on the new mirror host.
-* Add host to {{{static_mirror}}} and {{{static_mirror_nopush}}} in {{{hieradata/common.yaml}}}.
+* Add {{{roles::static_mirror}}} and {{{roles::static_mirror_nopush}}} to the {{{classes}}} stanza in {{{data/nodes/$HOSTNAME.yaml}}}.
* Add {{{staticsync}}} group to host's {{{allowedGroups}}} attribute in ldap.
* Run puppet twice on new static mirror once staticsync exists.
* Run puppet on static masters.