summary |
shortlog |
log |
commit | commitdiff |
tree
raw |
patch |
inline | side by side (from parent 1:
18f26a9)
Since there are no onion mirrors right now, remove that code from the
role.
- '[2a02:16a8:dc41:100::232]:80'
fastly-backend: true
service-hostname: conova.debian.backend.mirrors.debian.org
- '[2a02:16a8:dc41:100::232]:80'
fastly-backend: true
service-hostname: conova.debian.backend.mirrors.debian.org
- historical_mirror:
- # XXX used also in ferm me.conf.erb
- - gretchaninov.debian.org
- - klecker.debian.org
- - schmelzer.debian.org
- - sibelius.debian.org
debug_mirror:
# XXX used also in ferm me.conf.erb
mirror-accumu.debian.org:
debug_mirror:
# XXX used also in ferm me.conf.erb
mirror-accumu.debian.org:
+ - roles::historical_mirror
- roles::syncproxy
roles::syncproxy::syncproxy_name: syncproxy3.wna.debian.org
roles::syncproxy::listen_addr: ['209.87.16.40', '2607:f8f0:614:1::1274:40']
- roles::syncproxy
roles::syncproxy::syncproxy_name: syncproxy3.wna.debian.org
roles::syncproxy::listen_addr: ['209.87.16.40', '2607:f8f0:614:1::1274:40']
+roles::historical_mirror::listen_addr: ['209.87.16.41', '2607:f8f0:614:1::1274:41']
+classes:
+ - roles::historical_mirror
+roles::historical_mirror::listen_addr: ['130.89.148.13', '2001:67c:2564:a119::148:13']
+ - roles::historical_mirror
- roles::syncproxy
roles::syncproxy::syncproxy_name: syncproxy4.eu.debian.org
roles::syncproxy::listen_addr: ['217.196.149.237', '2a02:16a8:dc41:100::237']
- roles::syncproxy
roles::syncproxy::syncproxy_name: syncproxy4.eu.debian.org
roles::syncproxy::listen_addr: ['217.196.149.237', '2a02:16a8:dc41:100::237']
+roles::historical_mirror::listen_addr: ['217.196.149.234', '2a02:16a8:dc41:100::234']
role_config__mirrors:
mirror_basedir_prefix: '/srv/mirrors/public-'
role_config__mirrors:
mirror_basedir_prefix: '/srv/mirrors/public-'
---
classes:
- roles::historical_master
---
classes:
- roles::historical_master
+ - roles::historical_mirror
roles::historical_mirror::sslname: archive-master.debian.org
roles::historical_mirror::sslname: archive-master.debian.org
+roles::historical_mirror::listen_addr: ['193.62.202.28', '2001:630:206:4000:1a1a:0:c13e:ca1c']
# a mirror for archive.debian.org
# @param sslname provide rsync via ssl as well
# a mirror for archive.debian.org
# @param sslname provide rsync via ssl as well
+# @param listen_addr IP addresses to have apache listen on
class roles::historical_mirror(
Optional[String] $sslname = undef,
class roles::historical_mirror(
Optional[String] $sslname = undef,
+ Array[Stdlib::IP::Address] $listen_addr = [],
){
include roles::archvsync_base
){
include roles::archvsync_base
- include apache2::expires
- $mirror_basedir_prefix = hiera('role_config__mirrors.mirror_basedir_prefix')
- $archive_root = "${mirror_basedir_prefix}debian-archive"
+ include apache2
+ include apache2::expires
- $binds = $::hostname ? {
- gretchaninov => ['209.87.16.41' , '[2607:f8f0:614:1::1274:41]' ],
- klecker => ['130.89.148.13' , '[2001:67c:2564:a119::148:13]' ],
- schmelzer => ['217.196.149.234', '[2a02:16a8:dc41:100::234]' ],
- sibelius => ['193.62.202.28' , '[2001:630:206:4000:1a1a:0:c13e:ca1c]'],
- default => ['[::]'],
+ $enclosed_addresses_rsync = empty($listen_addr) ? {
+ true => ['[::]'],
+ default => enclose_ipv6($listen_addr),
-
- $onion_v4_addr = $::hostname ? {
- default => undef,
+ $_enclosed_addresses = empty($listen_addr) ? {
+ true => ['*'],
+ default => enclose_ipv6($listen_addr),
+ $vhost_listen = $_enclosed_addresses.map |$a| { "${a}:80" } .join(' ')
+ $mirror_basedir_prefix = hiera('role_config__mirrors.mirror_basedir_prefix')
+ $archive_root = "${mirror_basedir_prefix}debian-archive"
apache2::site { '010-archive.debian.org':
site => 'archive.debian.org',
apache2::site { '010-archive.debian.org':
site => 'archive.debian.org',
rsync::site { 'archive':
content => template('roles/historical_mirror/rsyncd.conf.erb'),
max_clients => 100,
sslname => $sslname,
rsync::site { 'archive':
content => template('roles/historical_mirror/rsyncd.conf.erb'),
max_clients => 100,
sslname => $sslname,
- binds => $binds,
- }
-
- if has_role('historical_mirror_onion') {
- if ! $onion_v4_addr {
- fail("Do not have an onion_v4_addr set for ${::hostname}.")
- }
-
- onion::service { 'archive.debian.org':
- port => 80,
- target_port => 80,
- target_address => $onion_v4_addr,
- }
+ binds => $enclosed_addresses_rsync,
}
Ferm::Rule::Simple <<| tag == 'ssh::server::from::historical_master' |>>
}
Ferm::Rule::Simple <<| tag == 'ssh::server::from::historical_master' |>>
## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
##
## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
##
-<%
- if not @binds.kind_of?(Array)
- raise Puppet::Error, "binds variable is not an array"
- end
-
- vhost_listen = @binds.map{|x| x+":80" }.join(' ')
-%>
-
-
-<VirtualHost <%= vhost_listen %>>
+<VirtualHost <%= @vhost_listen %>>
ServerAdmin debian-admin@debian.org
ServerName archive.debian.org
<% if scope.function_onion_global_service_hostname(['archive.debian.org']) -%>
ServerAdmin debian-admin@debian.org
ServerName archive.debian.org
<% if scope.function_onion_global_service_hostname(['archive.debian.org']) -%>