puppetize ftp.d.o http

diff --git a/hieradata/common.yaml b/hieradata/common.yaml
index 57b601c..f3470e1 100644 (file)
--- a/hieradata/common.yaml
+++ b/hieradata/common.yaml
@@ -209,6 +209,10 @@ roles:
     - vittoria.debian.org
   sreview.debian.org:
     - vittoria.debian.org
+  debian_mirror:
+    - bilbao.debian.org
+  debian_mirror_onion:
+    - bilbao.debian.org
   debug_mirror:
     - klecker.debian.org
     - mirror-isc.debian.org

diff --git a/modules/roles/manifests/debian_mirror.pp b/modules/roles/manifests/debian_mirror.pp
new file mode 100644 (file)
index 0000000..822e0ca
--- /dev/null
+++ b/modules/roles/manifests/debian_mirror.pp
@@ -0,0 +1,30 @@
+class roles::debian_mirror {
+       $vhost_listen = $::hostname ? {
+               klecker    => '130.89.148.12:80 2001:610:1908:b000::148:12:80',
+               mirror-isc => '149.20.4.15:80 [2001:4f8:1:c::15]:80',
+               default => '*:80',
+       }
+       $onion_v4_addr = $::hostname ? {
+               bilbao     => '5.153.231.37',
+               klecker    => '130.89.148.12',
+               mirror-isc => '149.20.4.15',
+               default    => undef,
+       }
+
+       apache2::site { '010-ftp.debian.org':
+               site   => 'ftp.debian.org',
+               content => template('roles/apache-ftp.debian.org.erb'),
+       }
+
+       if has_role('debian_mirror_onion') {
+               if ! $onion_v4_addr {
+                       fail("Do not have an onion_v4_addr set for $::hostname.")
+               }
+
+               onion::service { 'ftp.debian.org':
+                       port => 80,
+                       target_port => 80,
+                       target_address => $onion_v4_addr,
+               }
+       }
+}

diff --git a/modules/roles/manifests/init.pp b/modules/roles/manifests/init.pp
index 835f156..4c07f64 100644 (file)
--- a/modules/roles/manifests/init.pp
+++ b/modules/roles/manifests/init.pp
@@ -71,6 +71,9 @@ class roles {
        if has_role('security_mirror') {
                include roles::security_mirror
        }
+       if has_role('debian_mirror') {
+               include roles::debian_mirror
+       }
        if has_role('debug_mirror') {
                include roles::debug_mirror
        }

diff --git a/modules/roles/templates/apache-ftp.debian.org.erb b/modules/roles/templates/apache-ftp.debian.org.erb
new file mode 100644 (file)
index 0000000..0475c03
--- /dev/null
+++ b/modules/roles/templates/apache-ftp.debian.org.erb
@@ -0,0 +1,20 @@
+##
+## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE.
+## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
+##
+
+<VirtualHost <%= vhost_listen %>
+        ServerAdmin webmaster@debian.org
+        DocumentRoot /srv/ftp.debian.org/ftp.root
+        ServerName ftp.debian.org
+        <% if scope.function_onion_global_service_hostname(['ftp.debian.org']) -%>
+        ServerAlias <%= scope.function_onion_global_service_hostname(['ftp.debian.org']) %>
+        <% end %>
+
+        ErrorLog /var/log/apache2/ftp.debian.org-error.log
+        CustomLog /var/log/apache2/ftp.debian.org-access.log privacy
+
+        Use ftp-archive /srv/ftp.debian.org/ftp.root/debian
+</VirtualHost>
+
+# vim:set syn=apache: