X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Froles%2Ftemplates%2Fsecurity_mirror%2Fsecurity.debian.org.erb;h=dc96ff218819475ff205af4bae224a21b19d0d0f;hb=1fdb3b46ac65465362f1d11c73fcf77caa76401d;hp=64f385134adfac91fcf1b6d0a93a12d82cbe44b3;hpb=42a11e1204c855d20fcc0dd11a142452538b2ebc;p=mirror%2Fdsa-puppet.git

diff --git a/modules/roles/templates/security_mirror/security.debian.org.erb b/modules/roles/templates/security_mirror/security.debian.org.erb
index 64f385134..dc96ff218 100644
--- a/modules/roles/templates/security_mirror/security.debian.org.erb
+++ b/modules/roles/templates/security_mirror/security.debian.org.erb
@@ -8,9 +8,7 @@
    Options +FollowSymLinks
    Options +Indexes
    FileETag MTime Size
-   <% if @lsbmajdistrelease > '7' -%>
-     Require all granted
-   <% end -%>
+   Require all granted
 </Directory>
 
 <VirtualHost *:80>
@@ -27,27 +25,33 @@
    ServerAlias security-cdn1.debian.org
    ServerAlias security-cdn2.debian.org
    ServerAlias security-nagios.debian.org
+   <% if scope.function_onion_global_service_hostname(['security.debian.org']) -%>
+   ServerAlias <%= scope.function_onion_global_service_hostname(['security.debian.org']) %>
+   <% end %>
+
 
    ExpiresActive On
    ExpiresDefault "access plus 2 minutes"
 
    Alias /debian-security /srv/ftp.root/debian-security
-
-   <Directory /srv/ftp.root/debian-security/pool>
-      <FilesMatch "\.(bz2|gz|deb|dsc|xz)$">
-         ExpiresDefault "access plus 1 month"
-         Header append Cache-Control "public"
-      </FilesMatch>
-   </Directory>
-
-   <Directory /srv/ftp.root/debian-security/dists>
-      ExpiresDefault "access plus 1 seconds"
-      Header append Cache-Control "public"
-   </Directory>
+   Use ftp-archive /srv/ftp.root/debian-security
 
    RewriteEngine on
    RewriteRule ^/$      http://www.debian.org/security/
 
+   #RewriteCond %{HTTP:Fastly-Client-IP} !. [NV]
+   #RewriteCond %{HTTP_USER_AGENT} "!Amazon CloudFront"
+   #<% if scope.function_onion_global_service_hostname(['security.debian.org']) -%>
+   #RewriteCond %{HTTP_HOST} "!=<%= scope.function_onion_global_service_hostname(['security.debian.org']) %>"
+   #<% end %>
+   #RewriteRule ^/(pool/updates/main/l/linux/.*) http://security-cdn.debian.org/$1 [L,R=302]
+   #RewriteCond %{HTTP:Fastly-Client-IP} !. [NV]
+   #RewriteCond %{HTTP_USER_AGENT} "!Amazon CloudFront"
+   #<% if scope.function_onion_global_service_hostname(['security.debian.org']) -%>
+   #RewriteCond %{HTTP_HOST} "!=<%= scope.function_onion_global_service_hostname(['security.debian.org']) %>"
+   #<% end %>
+   #RewriteRule ^/debian-security/(pool/updates/main/l/linux/.*) http://security-cdn.debian.org/$1 [L,R=302]
+
    # Possible values include: debug, info, notice, warn, error, crit,
    # alert, emerg.
    LogLevel warn