Simplify lookups now that security_mirror is a hash

[mirror/dsa-puppet.git] / modules / roles / manifests / security_mirror.pp

diff --git a/modules/roles/manifests/security_mirror.pp b/modules/roles/manifests/security_mirror.pp
index 603c3c7..c7afdeb 100644 (file)
--- a/modules/roles/manifests/security_mirror.pp
+++ b/modules/roles/manifests/security_mirror.pp
@@ -36,19 +36,20 @@ class roles::security_mirror {
                content => template('roles/security_mirror/security.debian.org.erb')
        }
 
-       if has_role('security_mirror_no_ftp') {
-               vsftpd::site { 'security':
-                       ensure => absent,
-                       root   => '/nonexistent',
-               }
-       } else {
-               vsftpd::site { 'security':
-                       banner       => 'security.debian.org FTP server (vsftpd)',
-                       logfile      => '/var/log/ftp/vsftpd-security.debian.org.log',
-                       max_clients  => 200,
-                       root         => '/srv/ftp.root/',
-                       binds        => $binds,
-               }
+        $mirrors = hiera('roles.security_mirror', {})
+        $fastly_mirrors = $mirrors.filter |$h| { $h[1]['fastly-backend'] }
+        $hosts_to_check = $fastly_mirrors.map |$h| { $h[1]['service-hostname'] }
+
+        roles::mirror_health { 'security':
+               check_hosts   => $hosts_to_check,
+               check_service => 'security',
+               url           => 'http://security.backend.mirrors.debian.org/debian/dists/sid/Release',
+               health_url    => 'http://security.backend.mirrors.debian.org/_health',
+        }
+
+       vsftpd::site { 'security':
+               ensure => absent,
+               root   => '/nonexistent',
        }
 
        rsync::site { 'security':