X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Froles%2Ftemplates%2Fsecurity_mirror%2Fsecurity.debian.org.erb;h=917732741af9c9b7020cbde18c49c50266432c81;hb=562a5017ec445c5a1fbf163b9d5a10667a9f17ea;hp=dc96ff218819475ff205af4bae224a21b19d0d0f;hpb=dd55020ac8fe5089902f560429cbad3f9d0dbed9;p=mirror%2Fdsa-puppet.git
diff --git a/modules/roles/templates/security_mirror/security.debian.org.erb b/modules/roles/templates/security_mirror/security.debian.org.erb
index dc96ff218..917732741 100644
--- a/modules/roles/templates/security_mirror/security.debian.org.erb
+++ b/modules/roles/templates/security_mirror/security.debian.org.erb
@@ -3,17 +3,9 @@
## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
##
-
- IndexOptions NameWidth=* +SuppressDescription
- Options +FollowSymLinks
- Options +Indexes
- FileETag MTime Size
- Require all granted
-
-
-
+
ServerAdmin debian-admin@debian.org
- DocumentRoot /srv/ftp.root/debian-security
+ DocumentRoot /srv/mirrors/debian-security
ServerPath /debian-security
ServerName security.debian.org
ServerAlias security.ipv6.debian.org
@@ -28,36 +20,38 @@
<% if scope.function_onion_global_service_hostname(['security.debian.org']) -%>
ServerAlias <%= scope.function_onion_global_service_hostname(['security.debian.org']) %>
<% end %>
+ ServerAlias security.backend.mirrors.debian.org
+ ServerAlias *.security.backend.mirrors.debian.org
+ ServerAlias security.anycast-test.mirrors.debian.org
ExpiresActive On
ExpiresDefault "access plus 2 minutes"
- Alias /debian-security /srv/ftp.root/debian-security
- Use ftp-archive /srv/ftp.root/debian-security
+ Alias /debian-security /srv/mirrors/debian-security
+ Use ftp-archive /srv/mirrors/debian-security
+
+ Alias /_health /run/dsa-mirror-health-security/health
+
+ Require all granted
+
RewriteEngine on
- RewriteRule ^/$ http://www.debian.org/security/
-
- #RewriteCond %{HTTP:Fastly-Client-IP} !. [NV]
- #RewriteCond %{HTTP_USER_AGENT} "!Amazon CloudFront"
- #<% if scope.function_onion_global_service_hostname(['security.debian.org']) -%>
- #RewriteCond %{HTTP_HOST} "!=<%= scope.function_onion_global_service_hostname(['security.debian.org']) %>"
- #<% end %>
- #RewriteRule ^/(pool/updates/main/l/linux/.*) http://security-cdn.debian.org/$1 [L,R=302]
- #RewriteCond %{HTTP:Fastly-Client-IP} !. [NV]
- #RewriteCond %{HTTP_USER_AGENT} "!Amazon CloudFront"
- #<% if scope.function_onion_global_service_hostname(['security.debian.org']) -%>
- #RewriteCond %{HTTP_HOST} "!=<%= scope.function_onion_global_service_hostname(['security.debian.org']) %>"
- #<% end %>
- #RewriteRule ^/debian-security/(pool/updates/main/l/linux/.*) http://security-cdn.debian.org/$1 [L,R=302]
-
- # Possible values include: debug, info, notice, warn, error, crit,
- # alert, emerg.
- LogLevel warn
-
- CustomLog /var/log/apache2/security.debian.org-access.log privacy
+ RewriteRule ^/$ https://www.debian.org/security/
+
+ RewriteCond %{HTTP:Fastly-Client-IP} !. [NV]
+ RewriteCond %{HTTP_USER_AGENT} "!Amazon CloudFront"
+ RewriteCond %{HTTP_USER_AGENT} "!check_http"
+ RewriteCond %{HTTP_USER_AGENT} "!dsa-check-mirrorsync"
+ RewriteCond %{HTTP_USER_AGENT} "!mirror-health"
+ <% if scope.function_onion_global_service_hostname(['security.debian.org']) -%>
+ RewriteCond %{HTTP_HOST} "!=<%= scope.function_onion_global_service_hostname(['security.debian.org']) %>"
+ <% end %>
+ RewriteCond %{REQUEST_URI} "!=/_health"
+ RewriteRule ^/(.*) http://security-cdn.debian.org/$1 [L,R=302]
+
+ CustomLog /var/log/apache2/security.debian.org-access.log combined
ServerSignature On
-# vim: set ts=3 sw=3 et:
+# vim:set syn=apache: