From: Peter Palfrader <peter@palfrader.org>
Date: Thu, 26 May 2016 10:49:36 +0000 (+0200)
Subject: Add a ports-master role
X-Git-Url: https://git.adam-barratt.org.uk/?a=commitdiff_plain;h=725369f4e2a86e4589ac40276a9c1289b1baad71;p=mirror%2Fdsa-puppet.git

Add a ports-master role
---

diff --git a/hieradata/common.yaml b/hieradata/common.yaml
index 5de94d16a..f2b5ac87a 100644
--- a/hieradata/common.yaml
+++ b/hieradata/common.yaml
@@ -198,3 +198,5 @@ roles:
     - delfin.debian.org
   pet.d.n:
     - petrova.debian.org
+  ports-master:
+    - porta.debian.org
diff --git a/modules/roles/files/ports-master/rsyncd.conf b/modules/roles/files/ports-master/rsyncd.conf
new file mode 100644
index 000000000..e443a5497
--- /dev/null
+++ b/modules/roles/files/ports-master/rsyncd.conf
@@ -0,0 +1,21 @@
+uid = nobody
+gid = nogroup
+max connections = 25
+syslog facility = daemon
+socket options = SO_KEEPALIVE
+timeout = 7200
+log file = /var/log/rsyncd/rsyncd-ports-master.log
+
+[debian-ports]
+  path = /srv/ports-master.debian.org/ftp/debian-ports
+  comment = debian-ports tree - see https://www.ports.debian.org/
+  auth users = *
+  read only = true
+  secrets file = /etc/rsyncd/ftp.secrets
+
+[debian-ports-cd]
+  path = /srv/ports-master.debian.org/ftp/debian-ports-cd
+  comment = debian-ports-cd tree - see https://www.ports.debian.org/
+  auth users = *
+  read only = true
+  secrets file = /etc/rsyncd/ftp.secrets
diff --git a/modules/roles/manifests/init.pp b/modules/roles/manifests/init.pp
index fc13165ef..4c3553acd 100644
--- a/modules/roles/manifests/init.pp
+++ b/modules/roles/manifests/init.pp
@@ -340,4 +340,8 @@ class roles {
 			key => true,
 		}
 	}
+
+	if has_role('ports-master') {
+		include roles::ports-master
+	}
 }
diff --git a/modules/roles/manifests/ports-master.pp b/modules/roles/manifests/ports-master.pp
new file mode 100644
index 000000000..62746adb1
--- /dev/null
+++ b/modules/roles/manifests/ports-master.pp
@@ -0,0 +1,21 @@
+class roles::ports-master {
+	rsync::site { 'ports-master':
+		source        => 'puppet:///modules/roles/ports-master/rsyncd.conf',
+		max_clients   => 100,
+		sslname       => 'ports-master.debian.org',
+	}
+
+	ssl::service { 'ports-master.debian.org':
+		key => true,
+	}
+
+	file { '/etc/rsyncd':
+		ensure => 'directory'
+	}
+
+	file { '/etc/rsyncd/debian.secrets':
+		owner => 'root',
+		group => 'mirroradm',
+		mode => 0660,
+	}
+}