X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Froles%2Ftemplates%2Fsecurity_mirror%2Fsecurity.debian.org.erb;h=bd1e40c54bf157eaab493037348e5d0382f381e0;hb=0cdbf9528ff5534db4fb9ad9ff8f5a585273ca48;hp=3d2e0f1e26037acc30562c25cc631433f07e3467;hpb=9ad5a2655ea0cf9d375c029dd602f5d816024af8;p=mirror%2Fdsa-puppet.git

diff --git a/modules/roles/templates/security_mirror/security.debian.org.erb b/modules/roles/templates/security_mirror/security.debian.org.erb
index 3d2e0f1e2..bd1e40c54 100644
--- a/modules/roles/templates/security_mirror/security.debian.org.erb
+++ b/modules/roles/templates/security_mirror/security.debian.org.erb
@@ -3,14 +3,6 @@
 ## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
 ##
 
-<Directory /srv/ftp.root/debian-security>
-   IndexOptions NameWidth=* +SuppressDescription
-   Options +FollowSymLinks
-   Options +Indexes
-   FileETag MTime Size
-   Require all granted
-</Directory>
-
 <VirtualHost *:80>
    ServerAdmin debian-admin@debian.org
    DocumentRoot /srv/ftp.root/debian-security
@@ -28,6 +20,9 @@
    <% if scope.function_onion_global_service_hostname(['security.debian.org']) -%>
    ServerAlias <%= scope.function_onion_global_service_hostname(['security.debian.org']) %>
    <% end %>
+   ServerAlias security.backend.mirrors.debian.org
+   ServerAlias *.security.backend.mirrors.debian.org
+   ServerAlias security.anycast-test.mirrors.debian.org
 
 
    ExpiresActive On
@@ -36,28 +31,29 @@
    Alias /debian-security /srv/ftp.root/debian-security
    Use ftp-archive /srv/ftp.root/debian-security
 
+   Alias /_health /run/dsa-mirror-health-security/health
+   <Directory /run/dsa-mirror-health-security/>
+      Require all granted
+   </Directory>
+
    RewriteEngine on
-   RewriteRule ^/$      http://www.debian.org/security/
+   RewriteRule ^/$      https://www.debian.org/security/
 
    RewriteCond %{HTTP:Fastly-Client-IP} !. [NV]
-   RewriteCond %{HTTP_USER_AGENT} !"Amazon CloudFront"
+   RewriteCond %{HTTP_USER_AGENT} "!Amazon CloudFront"
    <% if scope.function_onion_global_service_hostname(['security.debian.org']) -%>
    RewriteCond %{HTTP_HOST} "!=<%= scope.function_onion_global_service_hostname(['security.debian.org']) %>"
    <% end %>
    RewriteRule ^/(pool/updates/main/l/linux/.*) http://security-cdn.debian.org/$1 [L,R=302]
    RewriteCond %{HTTP:Fastly-Client-IP} !. [NV]
-   RewriteCond %{HTTP_USER_AGENT} !"Amazon CloudFront"
+   RewriteCond %{HTTP_USER_AGENT} "!Amazon CloudFront"
    <% if scope.function_onion_global_service_hostname(['security.debian.org']) -%>
    RewriteCond %{HTTP_HOST} "!=<%= scope.function_onion_global_service_hostname(['security.debian.org']) %>"
    <% end %>
    RewriteRule ^/debian-security/(pool/updates/main/l/linux/.*) http://security-cdn.debian.org/$1 [L,R=302]
 
-   # Possible values include: debug, info, notice, warn, error, crit,
-   # alert, emerg.
-   LogLevel warn
-
    CustomLog /var/log/apache2/security.debian.org-access.log privacy
    ServerSignature On
 </VirtualHost>
 
-# vim: set ts=3 sw=3 et:
+# vim:set syn=apache: