Disable reverse lookup in rsyncd

[mirror/dsa-puppet.git] / modules / roles / templates / syncproxy / rsyncd.conf.erb

diff --git a/modules/roles/templates/syncproxy/rsyncd.conf.erb b/modules/roles/templates/syncproxy/rsyncd.conf.erb
index 39673a7..14a6d07 100644 (file)
--- a/modules/roles/templates/syncproxy/rsyncd.conf.erb
+++ b/modules/roles/templates/syncproxy/rsyncd.conf.erb
@@ -1,50 +1,55 @@
 uid = nobody
 gid = nogroup
-max connections = 30
 syslog facility = daemon
 socket options = SO_KEEPALIVE
+reverse lookup = false
 timeout = 7200
 
 # weasel 2007-11-19
 log file =  /var/log/rsyncd/rsyncd-syncproxy.log
 
+read only = true
+ignore nonreadable = true
+strict modes = false
+
 [debian]
   path = /srv/mirrors/debian/
-<%- unless has_variable?("has_srv_mirrors_debian") && has_srv_mirrors_debian == "true" -%>
+<%- unless has_variable?("has_srv_mirrors_debian") && @has_srv_mirrors_debian -%>
   list = no
 <%- end -%>
-  comment = Full Debian FTP Archive (contact mirrors@debian.org for access; see https://www.debian.org/mirror/size for size)
+  comment = Debian archive (contact mirrors@debian.org for access; see https://www.debian.org/mirror/size for size)
   auth users = *
-  read only = true
-  secrets file = /etc/rsyncd/debian.secrets
+  secrets file = /home/archvsync/rsyncd/debian.secrets
 
 [debian-debug]
   path = /srv/mirrors/debian-debug/
-<%- unless has_variable?("has_srv_mirrors_debian_debug") && has_srv_mirrors_debian_debug == "true" -%>
+<%- unless has_variable?("has_srv_mirrors_debian_debug") && @has_srv_mirrors_debian_debug -%>
   list = no
 <%- end -%>
-  comment = Debug packages.  Probably large.  Starting end of 2015.
+  comment = Debug packages for Debian archive (contact mirrors@debian.org for access)
   auth users = *
-  read only = true
-  secrets file = /etc/rsyncd/debian.secrets
+  secrets file = /home/archvsync/rsyncd/debian-debug.secrets
 
 [debian-ports]
   path = /srv/mirrors/debian-ports/
-<%- unless has_variable?("has_srv_mirrors_debian_debug") && has_srv_mirrors_debian_debug == "true" -%>
+<%- unless has_variable?("has_srv_mirrors_debian_debug") && @has_srv_mirrors_debian_debug -%>
   list = no
 <%- end -%>
-  comment = debian-ports tree - see https://www.ports.debian.org/
+  comment = Debian ports archive (contact mirrors@debian.org for access)
   auth users = *
-  read only = true
-  secrets file = /etc/rsyncd/debian.secrets
+  secrets file = /home/archvsync/rsyncd/debian-ports.secrets
 
 [debian-security]
   path = /srv/mirrors/debian-security/
-<%- unless has_variable?("has_srv_mirrors_debian_security") && has_srv_mirrors_debian_security == "true" -%>
+<%- unless has_variable?("has_srv_mirrors_debian_security") && @has_srv_mirrors_debian_security -%>
   list = no
 <%- end -%>
-  comment = Debian security archive (~100 GB; contact mirrors@debian.org for access)
+  comment = Debian security archive (contact mirrors@debian.org for access)
   auth users = *
-  read only = true
-  secrets file = /etc/rsyncd/debian.secrets
+  secrets file = /home/archvsync/rsyncd/debian-security.secrets
 
+[debian-security-buildd-pool]
+  path = /srv/mirrors/debian-security-buildd/pool/
+  list = no
+  auth users = *
+  secrets file = /home/archvsync/rsyncd/debian-security-buildd-pool.secrets