X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Froles%2Fmanifests%2Fhistorical_mirror.pp;h=6fb428297a3a71e7a8e473f3b1b6b86117fdecbe;hb=a0d0b0d1b7a695b32e9078d6f551249861c775b9;hp=101ecaef6e8a869a71b386db3338d67c255126f6;hpb=18f26a9ca182f25cbdfc4c1532e2d34898295e92;p=mirror%2Fdsa-puppet.git

diff --git a/modules/roles/manifests/historical_mirror.pp b/modules/roles/manifests/historical_mirror.pp
index 101ecaef6..6fb428297 100644
--- a/modules/roles/manifests/historical_mirror.pp
+++ b/modules/roles/manifests/historical_mirror.pp
@@ -1,25 +1,26 @@
 # a mirror for archive.debian.org
 # @param sslname provide rsync via ssl as well
+# @param listen_addr IP addresses to have apache listen on
 class roles::historical_mirror(
   Optional[String] $sslname = undef,
+  Array[Stdlib::IP::Address] $listen_addr = [],
 ){
   include roles::archvsync_base
-  include apache2::expires
 
-  $mirror_basedir_prefix = hiera('role_config__mirrors.mirror_basedir_prefix')
-  $archive_root = "${mirror_basedir_prefix}debian-archive"
+  include apache2
+  include apache2::expires
 
-  $binds = $::hostname ? {
-    gretchaninov => ['209.87.16.41'   , '[2607:f8f0:614:1::1274:41]'          ],
-    klecker      => ['130.89.148.13'  , '[2001:67c:2564:a119::148:13]'        ],
-    schmelzer    => ['217.196.149.234', '[2a02:16a8:dc41:100::234]'           ],
-    sibelius     => ['193.62.202.28'  , '[2001:630:206:4000:1a1a:0:c13e:ca1c]'],
-    default      => ['[::]'],
+  $enclosed_addresses_rsync = empty($listen_addr) ? {
+    true    => ['[::]'],
+    default => enclose_ipv6($listen_addr),
   }
-
-  $onion_v4_addr = $::hostname ? {
-    default => undef,
+  $_enclosed_addresses = empty($listen_addr) ? {
+    true    => ['*'],
+    default => enclose_ipv6($listen_addr),
   }
+  $vhost_listen = $_enclosed_addresses.map |$a| { "${a}:80" } .join(' ')
+  $mirror_basedir_prefix = hiera('role_config__mirrors.mirror_basedir_prefix')
+  $archive_root = "${mirror_basedir_prefix}debian-archive"
 
   apache2::site { '010-archive.debian.org':
     site    => 'archive.debian.org',
@@ -32,24 +33,11 @@ class roles::historical_mirror(
       tlsaport => [],
     }
   }
-
   rsync::site { 'archive':
     content     => template('roles/historical_mirror/rsyncd.conf.erb'),
     max_clients => 100,
     sslname     => $sslname,
-    binds       => $binds,
-  }
-
-  if has_role('historical_mirror_onion') {
-    if ! $onion_v4_addr {
-      fail("Do not have an onion_v4_addr set for ${::hostname}.")
-    }
-
-    onion::service { 'archive.debian.org':
-      port           => 80,
-      target_port    => 80,
-      target_address => $onion_v4_addr,
-    }
+    binds       => $enclosed_addresses_rsync,
   }
 
   Ferm::Rule::Simple <<| tag == 'ssh::server::from::historical_master' |>>