+++ /dev/null
-anonymous_enable=YES
-write_enable=YES
-anon_root=/srv/backports-upload
-anon_umask=027
-anon_upload_enable=YES
-chown_uploads=YES
-chown_username=dak
-
-xferlog_enable=YES
-xferlog_file=/var/log/ftp/vsftpd-backports-master.debian.org.log
-
-ftpd_banner=backports-master.debian.org FTP server
-secure_chroot_dir=/var/run/vsftpd
-pam_service_name=vsftpd
-setproctitle_enable=YES
-dirmessage_enable=YES
-ls_recurse_enable=NO
-connect_from_port_20=NO
-max_clients=100
+++ /dev/null
-ftpd_banner=ftp.debian.org FTP server
-
-anonymous_enable=YES
-dirmessage_enable=YES
-connect_from_port_20=NO
-setproctitle_enable=YES
-ls_recurse_enable=NO
-xferlog_enable=YES
-xferlog_file=/var/log/ftp/vsftpd-ftp.debian.org.log
-
-secure_chroot_dir=/var/run/vsftpd
-pam_service_name=vsftpd
-
-anon_root=/srv/ftp.debian.org/ftp.root
-
+++ /dev/null
-ftpd_banner=ftp.upload.debian.org FTP server
-
-max_clients=100
-
-anonymous_enable=YES
-dirmessage_enable=YES
-connect_from_port_20=NO
-setproctitle_enable=YES
-ls_recurse_enable=NO
-xferlog_enable=YES
-
-secure_chroot_dir=/var/run/vsftpd
-xferlog_file=/var/log/ftp/vsftpd-ftp.upload.debian.org.log
-pam_service_name=vsftpd
-
-anon_root=/srv/upload.debian.org/ftp
-write_enable=YES
-anon_umask=027
-anon_upload_enable=YES
-chown_uploads=YES
-chown_username=dak
-
+++ /dev/null
-anonymous_enable=YES
-xferlog_enable=YES
-secure_chroot_dir=/var/run/vsftpd
-pam_service_name=vsftpd
-rsa_cert_file=/etc/ssl/certs/vsftpd.pem
-
-setproctitle_enable=YES
-dirmessage_enable=NO
-connect_from_port_20=NO
-xferlog_file=/var/log/ftp/vsftpd-security.debian.org.log
-ls_recurse_enable=YES
-ftpd_banner=security.debian.org FTP server (vsftpd)
}
vsftpd::site { 'backports':
- source => 'puppet:///modules/roles/backports_master/vsftpd.conf',
- bind => $bind,
+ source => 'puppet:///modules/roles/backports_master/vsftpd.conf',
+ logfile => '/var/log/ftp/vsftpd-backports-master.debian.org.log',
+ bind => $bind,
}
if $bind6 {
vsftpd::site { 'backports-v6':
- source => 'puppet:///modules/roles/security_mirror/vsftpd.conf',
- bind => $bind6,
+ source => 'puppet:///modules/roles/security_mirror/vsftpd.conf',
+ logfile => '/var/log/ftp/vsftpd-backports-master.debian.org.log',
+ bind => $bind6,
}
}
apache2::module { 'macro': }
apache2::config { 'puppet-builddlist':
- template => 'roles/conf-builddlist.erb',
+ template => 'roles/dakmaster/conf-builddlist.erb',
}
}
}
vsftpd::site { 'ftp':
- source => 'puppet:///modules/roles/ftp/vsftpd.conf',
- bind => $bind,
+ source => 'puppet:///modules/roles/ftp/vsftpd.conf',
+ logfile => '/var/log/ftp/vsftpd-ftp.debian.org.log',
+ bind => $bind,
}
if $bind6 {
vsftpd::site { 'ftp-v6':
- source => 'puppet:///modules/roles/security_mirror/vsftpd.conf',
- bind => $bind6,
+ source => 'puppet:///modules/roles/security_mirror/vsftpd.conf',
+ logfile => '/var/log/ftp/vsftpd-ftp.debian.org.log',
+ bind => $bind6,
}
}
}
}
vsftpd::site { 'ftp-upload':
- source => 'puppet:///modules/roles/ftp_upload/vsftpd.conf',
- bind => $bind,
+ source => 'puppet:///modules/roles/ftp_upload/vsftpd.conf',
+ logfile => '/var/log/ftp/vsftpd-ftp.upload.debian.org.log',
+ bind => $bind,
}
if $bind6 {
vsftpd::site { 'ftp-upload-v6':
- source => 'puppet:///modules/roles/security_mirror/vsftpd.conf',
- bind => $bind6,
+ source => 'puppet:///modules/roles/security_mirror/vsftpd.conf',
+ logfile => '/var/log/ftp/vsftpd-ftp.upload.debian.org.log',
+ bind => $bind6,
}
}
}
}
vsftpd::site { 'security':
- source => 'puppet:///modules/roles/security_mirror/vsftpd.conf',
- bind => $bind,
+ source => 'puppet:///modules/roles/security_mirror/vsftpd.conf',
+ logfile => '/var/log/ftp/vsftpd-security.debian.org.log',
+ bind => $bind,
}
if $bind6 {
vsftpd::site { 'security-v6':
- source => 'puppet:///modules/roles/security_mirror/vsftpd.conf',
- bind => $bind6,
+ source => 'puppet:///modules/roles/security_mirror/vsftpd.conf',
+ logfile => '/var/log/ftp/vsftpd-security.debian.org.log',
+ bind => $bind6,
}
}
--- /dev/null
+anonymous_enable=YES
+write_enable=YES
+anon_root=/srv/backports-upload
+anon_umask=027
+anon_upload_enable=YES
+chown_uploads=YES
+chown_username=dak
+
+xferlog_enable=YES
+xferlog_file=<%= scope.lookupvar('logfile') %>
+
+ftpd_banner=backports-master.debian.org FTP server
+secure_chroot_dir=/var/run/vsftpd
+pam_service_name=vsftpd
+setproctitle_enable=YES
+dirmessage_enable=YES
+ls_recurse_enable=NO
+connect_from_port_20=NO
+max_clients=100
+++ /dev/null
-##
-## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE.
-## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
-##
-
-<Macro DebianBuilddHostList>
-
-<%=
- lines = []
-
- scope.lookupvar('site::allnodeinfo').keys.sort.each do |node|
- next unless scope.lookupvar('site::allnodeinfo')[node]['purpose']
- if scope.lookupvar('site::allnodeinfo')[node]['purpose'].include?('buildd')
- lines << " # #{scope.lookupvar('site::allnodeinfo')[node]['hostname'].to_s}"
- scope.lookupvar('site::allnodeinfo')[node]['ipHostNumber'].each do |addr|
- lines << " allow from #{addr}"
- end
- end
- end
-
- lines.join("\n")
-# vim:set et:
-# vim:set sts=2 ts=2:
-# vim:set shiftwidth=2:
-%>
-</Macro>
--- /dev/null
+ftpd_banner=ftp.debian.org FTP server
+
+anonymous_enable=YES
+dirmessage_enable=YES
+connect_from_port_20=NO
+setproctitle_enable=YES
+ls_recurse_enable=NO
+xferlog_enable=YES
+xferlog_file=<%= scope.lookupvar('logfile') %>
+
+secure_chroot_dir=/var/run/vsftpd
+pam_service_name=vsftpd
+
+anon_root=/srv/ftp.debian.org/ftp.root
+
--- /dev/null
+ftpd_banner=ftp.upload.debian.org FTP server
+
+max_clients=100
+
+anonymous_enable=YES
+dirmessage_enable=YES
+connect_from_port_20=NO
+setproctitle_enable=YES
+ls_recurse_enable=NO
+xferlog_enable=YES
+
+secure_chroot_dir=/var/run/vsftpd
+xferlog_file=<%= scope.lookupvar('logfile') %>
+pam_service_name=vsftpd
+
+anon_root=/srv/upload.debian.org/ftp
+write_enable=YES
+anon_umask=027
+anon_upload_enable=YES
+chown_uploads=YES
+chown_username=dak
+
--- /dev/null
+anonymous_enable=YES
+xferlog_enable=YES
+secure_chroot_dir=/var/run/vsftpd
+pam_service_name=vsftpd
+rsa_cert_file=/etc/ssl/certs/vsftpd.pem
+
+setproctitle_enable=YES
+dirmessage_enable=NO
+connect_from_port_20=NO
+xferlog_file=/var/log/ftp/vsftpd-security.debian.org.log
+ls_recurse_enable=YES
+ftpd_banner=security.debian.org FTP server (vsftpd)
$source='',
$content='',
$bind='',
+ $logfile="/var/log/ftp/vsftpd-${name}.debian.org.log",
$ensure=present
){
fail ( "Need one of source or content for $name" )
}
+ file { "/etc/logrotate.d/vsftpd-${name}":
+ ensure => $ensure,
+ content => template('vsftpd/logrotate.erb')
+ }
+
# We don't need a firewall rule because it's added in vsftp.pp
xinetd::service { "vsftpd-${name}":
bind => $bind,
--- /dev/null
+<%= scope.lookupvar('logfile') %>
+{
+ create 640 root adm
+
+ # ftpd doesn't handle SIGHUP properly
+ missingok
+ notifempty
+ rotate 4
+ weekly
+}
projects / mirror / dsa-puppet.git / commitdiff