X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=hieradata%2Fcommon.yaml;h=e53f7e4c71d8b0446783804b28a30bd96878f5b6;hb=19bd4c6005711f958bc612a45e92292616ecfd24;hp=7b6ed20f6ac8895e05519cf1ada6fa6d18886731;hpb=6b186b90256f38a642fe32e6b9cd86afddfb5c23;p=mirror%2Fdsa-puppet.git diff --git a/hieradata/common.yaml b/hieradata/common.yaml index 7b6ed20f6..e53f7e4c7 100644 --- a/hieradata/common.yaml +++ b/hieradata/common.yaml @@ -7,8 +7,29 @@ lookup_options: apt::sources::debian::location: merge: unique +# class parameters resolv::nameservers: [] resolv::searchpaths: ['debian.org'] +staticsync::user: 'staticsync' +staticsync::basedir: '/srv/static.debian.org' + +roles::dns_primary::allow_access: + # easydns + - '64.68.200.91' + - '205.210.42.80' + # rcode0 + - '83.136.34.0/27' + - '2a02:850:8::/47' + # netnod + - '192.71.80.0/24' + - '192.36.144.222' + - '192.36.144.218' + - '194.146.105.24' + - '194.146.105.25' + - '2a01:3f0:0:27::24' + - '2a01:3f0:0:28::25' + +# other variables allow_dns_query: [] role_config__mirrors: mirror_basedir_prefix: '/srv/mirrors/' @@ -27,48 +48,23 @@ paths: auto_clientcerts_dir: '/srv/puppet.debian.org/ca/RESULT/clientcerts' apt::sources::debian::location: 'https://deb.debian.org/debian/' -staticsync::user: 'staticsync' -staticsync::basedir: '/srv/static.debian.org' # all of these should be retired in favour of including the class role # with the host. weasel, 2019-09 roles: - bugsmx: - # XXX - exim config flag only - - buxtehude.debian.org - dns_primary: - # XXX - used by ferm templates/defs.conf.erb - - denis.debian.org - dns_geo: - # XXX - used by ferm templates/defs.conf.erb - - geo1.debian.org - - geo2.debian.org - - geo3.debian.org - extranrpeclient: - # XXX - used by ferm templates/defs.conf.erb - - denis.debian.org ftp_master: # XXX - used by ferm templates/defs.conf.erb - fasolo.debian.org mailrelay: - # XXX - used by ferm templates/defs.conf.erb + # XXX - ONLY used by ferm templates/defs.conf.erb - mailly.debian.org - muffat.debian.org - mirrormaster: - # XXX - used by ferm templates/defs.conf.erb - - melartin.debian.org muninmaster: # XXX - used by ferm templates/defs.conf.erb - menotti.debian.org nagiosmaster: # XXX - used by ferm templates/defs.conf.erb - tchaikovsky.debian.org - packagesmaster: - # XXX - exim config flag only - - picconi.debian.org - packagesqamaster: - # XXX - exim config flag - - quantz.debian.org security_master: # XXX - used by ferm templates/defs.conf.erb - seger.debian.org @@ -108,22 +104,10 @@ roles: wieck.debian.org: service-hostname: wieck.security.backend.mirrors.debian.org fastly-backend: true - syncproxy: - # XXX - used by ferm templates/defs.conf.erb - - gretchaninov.debian.org - - klecker.debian.org - - milanollo.debian.org - - mirror-anu.debian.org - - mirror-isc.debian.org - - mirror-umn.debian.org - - schmelzer.debian.org - - smit.debian.org postgres_backup_server: # XXX - used by ferm templates/defs.conf.erb - backuphost.debian.org - storace.debian.org - dabackup_client: - - lw03.debian.org debian_mirror: # XXX used also in ferm me.conf.erb klecker.debian.org: @@ -131,6 +115,7 @@ roles: - '130.89.148.12:80' - '[2001:67c:2564:a119::148:12]:80' onion_v4_address: 130.89.148.12 + new-klecker.debian.org: {} mirror-accumu.debian.org: service-hostname: accumu.debian.backend.mirrors.debian.org fastly-backend: true @@ -174,8 +159,6 @@ roles: ports_master: # XXX - used by ferm templates/defs.conf.erb - porta.debian.org - onionbalance: - - olin.debian.org bgp: - mirror-accumu.debian.org - mirror-skroutz.debian.org @@ -187,6 +170,7 @@ roles: - fasolo.debian.org - lw07.debian.org - melartin.debian.org + - postgresql-manda-01.debian.org - sallinen.debian.org - seger.debian.org - snapshotdb-manda-01.debian.org