X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Froles%2Ftemplates%2Fsecurity_mirror%2Fsecurity.debian.org.erb;h=917732741af9c9b7020cbde18c49c50266432c81;hb=955db7615e417fc4f8864ec059b7e0aef79d89f5;hp=3d79591ddb00f1283576d6ae96a7feb53415ea23;hpb=e541958dd68d1c67ae172e6562606cc2f0ca0b80;p=mirror%2Fdsa-puppet.git

diff --git a/modules/roles/templates/security_mirror/security.debian.org.erb b/modules/roles/templates/security_mirror/security.debian.org.erb
index 3d79591dd..917732741 100644
--- a/modules/roles/templates/security_mirror/security.debian.org.erb
+++ b/modules/roles/templates/security_mirror/security.debian.org.erb
@@ -3,7 +3,7 @@
 ## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
 ##
 
-<VirtualHost *:80>
+<VirtualHost *:80 127.0.0.1:80 [::1]:80>
    ServerAdmin debian-admin@debian.org
    DocumentRoot /srv/mirrors/debian-security
    ServerPath /debian-security
@@ -41,18 +41,16 @@
 
    RewriteCond %{HTTP:Fastly-Client-IP} !. [NV]
    RewriteCond %{HTTP_USER_AGENT} "!Amazon CloudFront"
+   RewriteCond %{HTTP_USER_AGENT} "!check_http"
+   RewriteCond %{HTTP_USER_AGENT} "!dsa-check-mirrorsync"
+   RewriteCond %{HTTP_USER_AGENT} "!mirror-health"
    <% if scope.function_onion_global_service_hostname(['security.debian.org']) -%>
    RewriteCond %{HTTP_HOST} "!=<%= scope.function_onion_global_service_hostname(['security.debian.org']) %>"
    <% end %>
-   RewriteRule ^/(pool/updates/main/l/linux/.*) http://security-cdn.debian.org/$1 [L,R=302]
-   RewriteCond %{HTTP:Fastly-Client-IP} !. [NV]
-   RewriteCond %{HTTP_USER_AGENT} "!Amazon CloudFront"
-   <% if scope.function_onion_global_service_hostname(['security.debian.org']) -%>
-   RewriteCond %{HTTP_HOST} "!=<%= scope.function_onion_global_service_hostname(['security.debian.org']) %>"
-   <% end %>
-   RewriteRule ^/debian-security/(pool/updates/main/l/linux/.*) http://security-cdn.debian.org/$1 [L,R=302]
+   RewriteCond %{REQUEST_URI} "!=/_health"
+   RewriteRule ^/(.*) http://security-cdn.debian.org/$1 [L,R=302]
 
-   CustomLog /var/log/apache2/security.debian.org-access.log privacy
+   CustomLog /var/log/apache2/security.debian.org-access.log combined
    ServerSignature On
 </VirtualHost>