X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=hieradata%2Fcommon.yaml;h=f54f24ceaeba3589067759bc222444fbe689f5f6;hb=6cd11592f10a9294b671b06b8641df66354dae52;hp=00c9c169bd0778994112e6dc593b190ea894c49b;hpb=cea821fd61e9b2feeab05a6b8982c2941226172d;p=mirror%2Fdsa-puppet.git

diff --git a/hieradata/common.yaml b/hieradata/common.yaml
index 00c9c169b..f54f24cea 100644
--- a/hieradata/common.yaml
+++ b/hieradata/common.yaml
@@ -1,7 +1,14 @@
 ---
-nameservers: []
-searchpaths: []
-resolvoptions: []
+
+lookup_options:
+  # with merge: unique entries in other hiera sources add to the array
+  resolv::searchpaths:
+    merge: unique
+  apt::sources::debian::location:
+    merge: unique
+
+resolv::nameservers: []
+resolv::searchpaths: ['debian.org']
 allow_dns_query: []
 role_config__mirrors:
   mirror_basedir_prefix: '/srv/mirrors/'
@@ -18,24 +25,16 @@ paths:
   letsencrypt_dir: '/srv/puppet.debian.org/from-letsencrypt'
   auto_certs_dir: '/srv/puppet.debian.org/ca/RESULT/certs'
   auto_clientcerts_dir: '/srv/puppet.debian.org/ca/RESULT/clientcerts'
+apt::sources::debian::location: 'https://deb.debian.org/debian/'
+
+staticsync::user: 'staticsync'
+staticsync::basedir: '/srv/static.debian.org'
+
+# all of these should be retired in favour of including the class role
+# with the host. weasel, 2019-09
 roles:
   bugsmx:
     - buxtehude.debian.org
-  bugs_master:
-    - buxtehude.debian.org
-  bugs_mirror:
-    - beach.debian.org
-  bugs_base:
-    - buxtehude.debian.org
-    - beach.debian.org
-  buildd_master:
-    - wuiet.debian.org
-  contributors:
-    - nono.debian.org
-  dbmaster:
-    - draghi.debian.org
-  debtags:
-    - tate.debian.org
   dns_primary:
     - denis.debian.org
   dns_geo:
@@ -46,80 +45,28 @@ roles:
     - denis.debian.org
   ftp_master:
     - fasolo.debian.org
-  ftp.upload.d.o:
-    - coccia.debian.org
-    - usper.debian.org
-  api.ftp-master:
-    - coccia.debian.org
-  dgit_browse:
-    - cgi-grnet-01.debian.org
-  dgit_git:
-    - cgi-grnet-01.debian.org
-  git_master:
-    - adayevskaya.debian.org
-  historicalpackages:
-    - hier.debian.org
-  jenkins:
-    - jerea.debian.org
-  keyring:
-    - kaufmann.debian.org
-  lists:
-    - bendel.debian.org
   mailrelay:
     - mailly.debian.org
     - muffat.debian.org
-  manpages-dyn:
-    - manziarly.debian.org
-    - cgi-grnet-01.debian.org
   mirrormaster:
     - melartin.debian.org
   muninmaster:
     - menotti.debian.org
   nagiosmaster:
     - tchaikovsky.debian.org
-  nm:
-    - nono.debian.org
-  packages:
-    - picconi.debian.org
-    - pkgmirror-csail.debian.org
   packagesmaster:
     - picconi.debian.org
   packagesqamaster:
     - quantz.debian.org
-  people:
-    - paradis.debian.org
-  piuparts:
-    - pejacevic.debian.org
-  piuparts_slave:
-    - piu-slave-bm-a.debian.org
-    - piu-slave-ubc-01.debian.org
   popcon:
     - pinel.debian.org
-  pubsub:
-    - rainier.debian.org
-    - rapoport.debian.org
-  puppetmaster:
-    - handel.debian.org
-  qamaster:
-    - quantz.debian.org
   rtmaster:
     - reger.debian.org
-  rtc:
-    - vogler.debian.org
-  search_backend:
-    - wolkenstein.debian.org
-  search_frontend:
-    - cgi-grnet-01.debian.org
-  archvsync_base_additional:
-  # this is usually pulled in by *-mirror or syncproxy roles
-    - dummy
   security_master:
     - seger.debian.org
   security_mirror:
     mirror-anu.debian.org:
       fastly-backend: false
-    mirror-conova.debian.org:
-      fastly-backend: false
     mirror-csail.debian.org:
       fastly-backend: false
     mirror-isc.debian.org:
@@ -152,107 +99,26 @@ roles:
     wieck.debian.org:
       service-hostname: wieck.security.backend.mirrors.debian.org
       fastly-backend: true
-  security_tracker:
-    - soriano.debian.org
-  security_upload:
-    - suchon.debian.org
-  ssh.upload.d.o:
-    - coccia.debian.org
-    - suchon.debian.org
-    - usper.debian.org
-  sso:
-    - diabelli.debian.org
-  # single sign on relying party (host) - also required apache2 module enabled on that host via other means
-  sso_rp:
-    - debussy.debian.org
-    - diabelli.debian.org
-    - jerea.debian.org
-    - nono.debian.org
-    - quantz.debian.org
-    - tate.debian.org
-    - ticharich.debian.org
-    - wilder.debian.org
-  static_master:
-    - dillon.debian.org
-    - fasolo.debian.org
-    - porta.debian.org
-    - static-master-grnet-01.debian.org
-  static_mirror:
-    - klecker.debian.org
-    - mirror-anu.debian.org
-    - mirror-csail.debian.org
-    - mirror-isc.debian.org
-    - senfter.debian.org
-    - santoro.debian.org
   static_mirror_onion:
     - klecker.debian.org
     - mirror-isc.debian.org
     - senfter.debian.org
-  # when adding a new static mirror, allow it to sync etc, but do not push to it and wait for it.  For this, also add it to static_mirror_nopush.
-  static_mirror_nopush:
-    - dummy
-  static_source:
-    - boott.debian.org
-    - casulana.debian.org
-    - coccia.debian.org
-    - dillon.debian.org
-    - donizetti.debian.org
-    - fasolo.debian.org
-    - lindsay.debian.org
-    - manziarly.debian.org
-    - mekeel.debian.org
-    - melartin.debian.org
-    - porta.debian.org
-    - philp.debian.org
-    - respighi.debian.org
-    - wolkenstein.debian.org
-    - wuiet.debian.org
   syncproxy:
     - gretchaninov.debian.org
     - klecker.debian.org
     - milanollo.debian.org
     - mirror-anu.debian.org
-    - mirror-conova.debian.org
     - mirror-isc.debian.org
     - mirror-umn.debian.org
     - schmelzer.debian.org
-  tracker:
-    - ticharich.debian.org
+    - smit.debian.org
   udd:
     - ullmann.debian.org
-  vote:
-    - vento.debian.org
-  weblog_destination:
-    - wolkenstein.debian.org
-  weblog_provider:
-    - klecker.debian.org
-    - mirror-anu.debian.org
-    - mirror-csail.debian.org
-    - mirror-isc.debian.org
-    - mirror-umn.debian.org
-    - santoro.debian.org
-    - senfter.debian.org
-  wiki:
-    - wilder.debian.org
-  www_master:
-    - wolkenstein.debian.org
-  cgi.d.o:
-    - wolkenstein.debian.org
   postgres_backup_server:
     - backuphost.debian.org
     - storace.debian.org
-  bacula_director:
-    - dinis.debian.org
-  bacula_storage:
-    - storace.debian.org
   dabackup_client:
     - lw03.debian.org
-  gobby_debian_org:
-    - gombert.debian.org
-  veyepar.debian.org:
-    - vittoria.debian.org
-  sreview.debian.org:
-    - vittoria.debian.org
   debian_mirror:
     klecker.debian.org:
       listen-addresses:
@@ -265,8 +131,6 @@ roles:
     mirror-skroutz.debian.org:
       service-hostname: skroutz.debian.backend.mirrors.debian.org
       fastly-backend: true
-    mirror-conova.debian.org:
-      service-hostname: conova.debian.backend.mirrors.debian.org
     mirror-isc.debian.org:
       listen-addresses:
         - '149.20.4.15:80'
@@ -283,12 +147,9 @@ roles:
   historical_mirror:
     - gretchaninov.debian.org
     - klecker.debian.org
-    - mirror-conova.debian.org
     - schmelzer.debian.org
     - sibelius.debian.org
   debug_mirror:
-    mirror-conova.debian.org:
-      service-hostname: conova.debug.backend.mirrors.debian.org
     mirror-accumu.debian.org:
       onion_v4_address: 130.242.6.199
       service-hostname: accumu.debug.backend.mirrors.debian.org
@@ -300,83 +161,29 @@ roles:
       service-hostname: conova.debug.backend.mirrors.debian.org
   debug_mirror_onion:
     - mirror-accumu.debian.org
-    - mirror-conova.debian.org
     - schmelzer.debian.org
-  ports_mirror:
-    - klecker.debian.org
-    - mirror-isc.debian.org
-  ports_mirror_onion:
-    - klecker.debian.org
-    - mirror-isc.debian.org
-  planet_master:
-    - philp.debian.org
-  planet_search:
-    - philp.debian.org
-  i18n.d.o:
-    - tye.debian.org
-  l10n.d.o:
-    - tye.debian.org
-  dedup.d.n:
-    - delfin.debian.org
-  pet.d.n:
-    - petrova.debian.org
   ports_master:
     - porta.debian.org
   onionbalance:
     - olin.debian.org
   bgp:
-    - mirror-conova.debian.org
     - mirror-accumu.debian.org
     - mirror-skroutz.debian.org
-  cdimage-search:
-    - cgi-grnet-01.debian.org
-  apache_prefork:
-    # php needs this
-    - quantz.debian.org
-    - tchaikovsky.debian.org
-    - wuiet.debian.org
   postgresql_server:
     # postgresql instances not managed by puppet otherwise
     - bmdb1.debian.org
     - buxtehude.debian.org
     - danzi.debian.org
     - fasolo.debian.org
+    - lw07.debian.org
     - melartin.debian.org
     - sallinen.debian.org
     - seger.debian.org
-    - sibelius.debian.org
+    - snapshotdb-manda-01.debian.org
     - vittoria.debian.org
-  salsa.debian.org:
-    - godard.debian.org
-  insecure_ssl:
-    - debussy.debian.org
-    - godard.debian.org
-  debsources:
-    - sor.debian.org
-  ipsec:
-    - fasolo.debian.org
-    - storace.debian.org
-  debconf_wafer:
-    - debussy.debian.org
-  apache_not_public:
-    # Hosts that run apache but where it should not be open to the internet by
-    # default
-    - casulana.debian.org
-  apache_ratelimited:
-    - beach.debian.org
-    - buxtehude.debian.org
-    - lw07.debian.org
-    - picconi.debian.org
-    - pkgmirror-csail.debian.org
-    - sallinen.debian.org
-  cdbuilder_local_mirror:
-    - casulana.debian.org
-  alioth_archive:
-    - grabbe.debian.org
   snapshot_web:
     - lw07.debian.org
     - sallinen.debian.org
-  snapshot_shell:
-    - lw08.debian.org
-  anonscm:
-    - cgi-grnet-01.debian.org
+
+classes:
+  - base::includes