content => template('roles/security_mirror/security.debian.org.erb')
}
- if has_role('security_mirror_no_ftp') {
- vsftpd::site_systemd { 'security':
- ensure => absent,
- root => '/nonexistent',
- }
- } else {
- vsftpd::site_systemd { 'security':
- banner => 'security.debian.org FTP server (vsftpd)',
- logfile => '/var/log/ftp/vsftpd-security.debian.org.log',
- max_clients => 200,
- root => '/srv/ftp.root/',
- binds => $binds,
- }
+ $mirrors = hiera('roles.security_mirror', {})
+ $fastly_mirrors = $mirrors.filter |$h| { $h[1]['fastly-backend'] }
+ $hosts_to_check = $fastly_mirrors.map |$h| { $h[1]['service-hostname'] }
+
+ roles::mirror_health { 'security':
+ check_hosts => $hosts_to_check,
+ check_service => 'security',
+ url => 'http://security.backend.mirrors.debian.org/debian/dists/sid/Release',
+ health_url => 'http://security.backend.mirrors.debian.org/_health',
+ }
+
+ vsftpd::site { 'security':
+ ensure => absent,
+ root => '/nonexistent',
}
- rsync::site_systemd { 'security':
+ rsync::site { 'security':
source => 'puppet:///modules/roles/security_mirror/rsyncd.conf',
max_clients => 100,
binds => $binds,
}
- $onion_v4_addr = $::hostname ? {
- mirror-anu => '150.203.164.61',
- mirror-isc => '149.20.4.14',
- mirror-umn => '128.101.240.215',
- villa => '212.211.132.32',
- lobos => '212.211.132.250',
- default => undef,
- }
- if has_role('security_mirror_onion') {
- if ! $onion_v4_addr {
- fail("Do not have an onion_v4_addr set for $::hostname.")
- }
-
+ $onion_v4_addr = hiera("roles.security_mirror", {})
+ .dig($::fqdn, 'onion_v4_address')
+ if $onion_v4_addr {
onion::service { 'security.debian.org':
port => 80,
target_port => 80,
projects / mirror / dsa-puppet.git / blobdiff