bugs role cleanup

author Peter Palfrader <peter@palfrader.org>

Sun, 15 Sep 2019 07:59:12 +0000 (09:59 +0200)

committer Peter Palfrader <peter@palfrader.org>

Sun, 15 Sep 2019 07:59:12 +0000 (09:59 +0200)
author Peter Palfrader <peter@palfrader.org>
Sun, 15 Sep 2019 07:59:12 +0000 (09:59 +0200)
committer Peter Palfrader <peter@palfrader.org>
Sun, 15 Sep 2019 07:59:12 +0000 (09:59 +0200)
diff --git a/hieradata/common.yaml b/hieradata/common.yaml

index 8dec0bc..f07a226 100644 (file)
--- a/hieradata/common.yaml
+++ b/hieradata/common.yaml
@@ -35,11 +35,6 @@ staticsync::basedir: '/srv/static.debian.org'
  roles:
    bugsmx:
      - buxtehude.debian.org
-  bugs_master:
-    - buxtehude.debian.org
-  bugs_base:
-    - buxtehude.debian.org
-    - beach.debian.org
    contributors:
      - nono.debian.org
    dbmaster:
diff --git a/hieradata/nodes/buxtehude.debian.org.yaml b/hieradata/nodes/buxtehude.debian.org.yaml

index 7e04deb..8d9fac3 100644 (file)
--- a/hieradata/nodes/buxtehude.debian.org.yaml
+++ b/hieradata/nodes/buxtehude.debian.org.yaml
@@ -1,4 +1,7 @@
  ---
+classes:
+  - roles::bugs_master
+
  apache2::smaller_number_of_threads: true
  # debbugs cgis like to fork and don't deal well with EAGAIN
  apache2::rlimitnproc: 450
diff --git a/modules/roles/TODO b/modules/roles/TODO

new file mode 100644 (file)

index 0000000..88627d8
--- /dev/null
+++ b/modules/roles/TODO
@@ -0,0 +1,3 @@
+- the two bugs web hosts handle /srv/bugs.debian.org/cache/libravatar
+  differently.  Figure out which is best and move the definition to bugs_web.
+
diff --git a/modules/roles/manifests/bugs_master.pp b/modules/roles/manifests/bugs_master.pp

new file mode 100644 (file)

index 0000000..faaeecc
--- /dev/null
+++ b/modules/roles/manifests/bugs_master.pp
@@ -0,0 +1,6 @@
+class roles::bugs_master {
+  include roles::bugs_web
+
+  ssl::service { 'bugs-devel.debian.org': notify  => Exec['service apache2 reload'], key => true, }
+  ssl::service { 'bugs-master.debian.org': notify  => Exec['service apache2 reload'], key => true, }
+}
diff --git a/modules/roles/manifests/bugs_mirror.pp b/modules/roles/manifests/bugs_mirror.pp

index a30b05c..4a45d0e 100644 (file)
--- a/modules/roles/manifests/bugs_mirror.pp
+++ b/modules/roles/manifests/bugs_mirror.pp
@@ -1,21 +1,19 @@
  class roles::bugs_mirror {
-       include apache2
+  include roles::bugs_web
  
-       rsync::site { 'bugs_mirror':
-               source      => 'puppet:///modules/roles/bugs_mirror/rsyncd.conf',
-               max_clients => 100,
-       }
+  rsync::site { 'bugs_mirror':
+    source      => 'puppet:///modules/roles/bugs_mirror/rsyncd.conf',
+    max_clients => 100,
+  }
  
-       if $::apache2 {
-               apache2::site { '009-bugs-mirror.debian.org':
-                       site   => 'bugs-mirror.debian.org',
-                       source => 'puppet:///modules/roles/bugs_mirror/bugs-mirror.debian.org',
-               }
-       }
+  apache2::site { '009-bugs-mirror.debian.org':
+    site   => 'bugs-mirror.debian.org',
+    source => 'puppet:///modules/roles/bugs_mirror/bugs-mirror.debian.org',
+  }
  
-       file { '/srv/bugs.debian.org/cache/libravatar':
-               ensure => directory,
-               owner  => 'www-data',
-               mode   => '0755',
-       }
+  file { '/srv/bugs.debian.org/cache/libravatar':
+    ensure => directory,
+    owner  => 'www-data',
+    mode   => '0755',
+  }
  }
diff --git a/modules/roles/manifests/bugs_web.pp b/modules/roles/manifests/bugs_web.pp

new file mode 100644 (file)

index 0000000..b62fc40
--- /dev/null
+++ b/modules/roles/manifests/bugs_web.pp
@@ -0,0 +1,12 @@
+class roles::bugs_web {
+  include apache2
+
+  ssl::service { 'bugs.debian.org':
+    notify => Exec['service apache2 reload'],
+    key    => true,
+  }
+  ferm::rule { 'dsa-bugs-abusers':
+    prio => '005',
+    rule => 'saddr (220.243.135/24 220.243.136/24) DROP',
+  }
+}
diff --git a/modules/roles/manifests/init.pp b/modules/roles/manifests/init.pp

index 69bd625..1277a9c 100644 (file)
--- a/modules/roles/manifests/init.pp
+++ b/modules/roles/manifests/init.pp
@@ -15,21 +15,6 @@ class roles {
                 include nagios::server
         }
  
-       if has_role('bugs_base') {
-               ssl::service { 'bugs.debian.org':
-                       notify  => Exec['service apache2 reload'],
-                       key => true,
-               }
-               ferm::rule { 'dsa-bugs-abusers':
-                       prio    => "005",
-                       rule    => "saddr (220.243.135/24 220.243.136/24) DROP",
-               }
-       }
-       if has_role('bugs_master') {
-               ssl::service { 'bugs-devel.debian.org': notify  => Exec['service apache2 reload'], key => true, }
-               ssl::service { 'bugs-master.debian.org': notify  => Exec['service apache2 reload'], key => true, }
-       }
-
         if has_role('manpages-dyn') {
                 include roles::manpages_dyn
         }
author	Peter Palfrader <peter@palfrader.org>
	Sun, 15 Sep 2019 07:59:12 +0000 (09:59 +0200)
committer	Peter Palfrader <peter@palfrader.org>
	Sun, 15 Sep 2019 07:59:12 +0000 (09:59 +0200)
hieradata/common.yaml		patch \| blob \| history
hieradata/nodes/buxtehude.debian.org.yaml		patch \| blob \| history
modules/roles/TODO	[new file with mode: 0644]	patch \| blob
modules/roles/manifests/bugs_master.pp	[new file with mode: 0644]	patch \| blob
modules/roles/manifests/bugs_mirror.pp		patch \| blob \| history
modules/roles/manifests/bugs_web.pp	[new file with mode: 0644]	patch \| blob
modules/roles/manifests/init.pp		patch \| blob \| history