X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Froles%2Ftemplates%2Fsecurity_mirror%2Fsecurity.debian.org.erb;h=ce8e82a2b3ea6312749c9c46d0fa86a315f568d7;hb=901a2500474ca42f467962c570fc580336145da0;hp=f28b4986944ac98bcce04f389f3bbdb757b386c0;hpb=be4d8007860aff43c5da575d18a66c1d0abafe6a;p=mirror%2Fdsa-puppet.git diff --git a/modules/roles/templates/security_mirror/security.debian.org.erb b/modules/roles/templates/security_mirror/security.debian.org.erb index f28b49869..ce8e82a2b 100644 --- a/modules/roles/templates/security_mirror/security.debian.org.erb +++ b/modules/roles/templates/security_mirror/security.debian.org.erb @@ -5,7 +5,7 @@ ServerAdmin debian-admin@debian.org - DocumentRoot /srv/ftp.root/debian-security + DocumentRoot /srv/mirrors/debian-security ServerPath /debian-security ServerName security.debian.org ServerAlias security.ipv6.debian.org @@ -20,30 +20,39 @@ <% if scope.function_onion_global_service_hostname(['security.debian.org']) -%> ServerAlias <%= scope.function_onion_global_service_hostname(['security.debian.org']) %> <% end %> + ServerAlias security.backend.mirrors.debian.org ServerAlias *.security.backend.mirrors.debian.org + ServerAlias security.anycast-test.mirrors.debian.org ExpiresActive On ExpiresDefault "access plus 2 minutes" - Alias /debian-security /srv/ftp.root/debian-security - Use ftp-archive /srv/ftp.root/debian-security + Alias /debian-security /srv/mirrors/debian-security + Use ftp-archive /srv/mirrors/debian-security + + Alias /_health /run/dsa-mirror-health-security/health + + Require all granted + RewriteEngine on - RewriteRule ^/$ http://www.debian.org/security/ - - #RewriteCond %{HTTP:Fastly-Client-IP} !. [NV] - #RewriteCond %{HTTP_USER_AGENT} "!Amazon CloudFront" - #<% if scope.function_onion_global_service_hostname(['security.debian.org']) -%> - #RewriteCond %{HTTP_HOST} "!=<%= scope.function_onion_global_service_hostname(['security.debian.org']) %>" - #<% end %> - #RewriteRule ^/(pool/updates/main/l/linux/.*) http://security-cdn.debian.org/$1 [L,R=302] - #RewriteCond %{HTTP:Fastly-Client-IP} !. [NV] - #RewriteCond %{HTTP_USER_AGENT} "!Amazon CloudFront" - #<% if scope.function_onion_global_service_hostname(['security.debian.org']) -%> - #RewriteCond %{HTTP_HOST} "!=<%= scope.function_onion_global_service_hostname(['security.debian.org']) %>" - #<% end %> - #RewriteRule ^/debian-security/(pool/updates/main/l/linux/.*) http://security-cdn.debian.org/$1 [L,R=302] + RewriteRule ^/$ https://www.debian.org/security/ + + RewriteCond %{HTTP:Fastly-Client-IP} !. [NV] + RewriteCond %{HTTP_USER_AGENT} "!Amazon CloudFront" + RewriteCond %{HTTP_USER_AGENT} "!check_http" + <% if scope.function_onion_global_service_hostname(['security.debian.org']) -%> + RewriteCond %{HTTP_HOST} "!=<%= scope.function_onion_global_service_hostname(['security.debian.org']) %>" + <% end %> + RewriteRule ^/(pool/updates/main/l/linux/.*) http://security-cdn.debian.org/$1 [L,R=302] + RewriteCond %{HTTP:Fastly-Client-IP} !. [NV] + RewriteCond %{HTTP_USER_AGENT} "!Amazon CloudFront" + RewriteCond %{HTTP_USER_AGENT} "!check_http" + <% if scope.function_onion_global_service_hostname(['security.debian.org']) -%> + RewriteCond %{HTTP_HOST} "!=<%= scope.function_onion_global_service_hostname(['security.debian.org']) %>" + <% end %> + RewriteRule ^/debian-security/(pool/updates/main/l/linux/.*) http://security-cdn.debian.org/$1 [L,R=302] CustomLog /var/log/apache2/security.debian.org-access.log privacy ServerSignature On