-class roles::historical_mirror {
+# a mirror for archive.debian.org
+# @param sslname provide rsync via ssl as well
+class roles::historical_mirror(
+ Optional[String] $sslname = undef,
+){
include roles::archvsync_base
include apache2::expires
content => template('roles/apache-archive.debian.org.erb'),
}
- if has_role('historical_master') {
- $sslname = 'archive-master.debian.org'
+ if $sslname {
ssl::service { $sslname:
key => true,
tlsaport => [],
}
- } else {
- $sslname = undef
}
rsync::site { 'archive':
target_address => $onion_v4_addr,
}
}
+
+ Ferm::Rule::Simple <<| tag == 'ssh::server::from::historical_master' |>>
}