projects / mirror / dsa-puppet.git / blob
? search:


e53f7e4c71d8b0446783804b28a30bd96878f5b6
[mirror/dsa-puppet.git] / data / common.yaml
1 ---
2
3 lookup_options:
4   # with merge: unique entries in other hiera sources add to the array
5   resolv::searchpaths:
6     merge: unique
7   apt::sources::debian::location:
8     merge: unique
9
10 # class parameters
11 resolv::nameservers: []
12 resolv::searchpaths: ['debian.org']
13 staticsync::user: 'staticsync'
14 staticsync::basedir: '/srv/static.debian.org'
15
16 roles::dns_primary::allow_access:
17   # easydns
18   - '64.68.200.91'
19   - '205.210.42.80'
20   # rcode0
21   - '83.136.34.0/27'
22   - '2a02:850:8::/47'
23   # netnod
24   - '192.71.80.0/24'
25   - '192.36.144.222'
26   - '192.36.144.218'
27   - '194.146.105.24'
28   - '194.146.105.25'
29   - '2a01:3f0:0:27::24'
30   - '2a01:3f0:0:28::25'
31
32 # other variables
33 allow_dns_query: []
34 role_config__mirrors:
35   mirror_basedir_prefix: '/srv/mirrors/'
36 role_config__syncproxy:
37   mirror_basedir_prefix: '/srv/mirrors/'
38 samhain_recipients:
39   - 'debian-archive-debian-samhain-reports@master.debian.org'
40   - 'debian-admin@ftbfs.de'
41   - 'weasel@debian.org'
42   - 'zumbi@oron.es'
43 root_mail_alias:
44   - 'debian-admin@debian.org'
45 paths:
46   letsencrypt_dir: '/srv/puppet.debian.org/from-letsencrypt'
47   auto_certs_dir: '/srv/puppet.debian.org/ca/RESULT/certs'
48   auto_clientcerts_dir: '/srv/puppet.debian.org/ca/RESULT/clientcerts'
49 apt::sources::debian::location: 'https://deb.debian.org/debian/'
50
51
52 # all of these should be retired in favour of including the class role
53 # with the host. weasel, 2019-09
54 roles:
55   ftp_master:
56     # XXX - used by ferm templates/defs.conf.erb
57     - fasolo.debian.org
58   mailrelay:
59     # XXX - ONLY used by ferm templates/defs.conf.erb
60     - mailly.debian.org
61     - muffat.debian.org
62   muninmaster:
63     # XXX - used by ferm templates/defs.conf.erb
64     - menotti.debian.org
65   nagiosmaster:
66     # XXX - used by ferm templates/defs.conf.erb
67     - tchaikovsky.debian.org
68   security_master:
69     # XXX - used by ferm templates/defs.conf.erb
70     - seger.debian.org
71   security_mirror:
72     # XXX used also in ferm me.conf.erb
73     mirror-anu.debian.org:
74       fastly-backend: false
75     mirror-csail.debian.org:
76       fastly-backend: false
77     mirror-isc.debian.org:
78       onion_v4_address: 149.20.4.14
79     mirror-umn.debian.org:
80       onion_v4_address: 128.101.240.215
81     mirror-accumu.debian.org:
82       fastly-backend: false
83     mirror-skroutz.debian.org:
84       fastly-backend: false
85     lobos.debian.org:
86       service-hostname: lobos.security.backend.mirrors.debian.org
87       fastly-backend: false
88       onion_v4_address: 212.211.132.250
89     santoro.debian.org:
90       fastly-backend: false
91     schmelzer.debian.org:
92       fastly-backend: false
93     schumann.debian.org:
94       service-hostname: schumann.security.backend.mirrors.debian.org
95       fastly-backend: true
96     setoguchi.debian.org:
97       fastly-backend: false
98     sechter.debian.org:
99       fastly-backend: false
100     villa.debian.org:
101       service-hostname: villa.security.backend.mirrors.debian.org
102       fastly-backend: true
103       onion_v4_address: 212.211.132.32
104     wieck.debian.org:
105       service-hostname: wieck.security.backend.mirrors.debian.org
106       fastly-backend: true
107   postgres_backup_server:
108     # XXX - used by ferm templates/defs.conf.erb
109     - backuphost.debian.org
110     - storace.debian.org
111   debian_mirror:
112     # XXX used also in ferm me.conf.erb
113     klecker.debian.org:
114       listen-addresses:
115         - '130.89.148.12:80'
116         - '[2001:67c:2564:a119::148:12]:80'
117       onion_v4_address: 130.89.148.12
118     new-klecker.debian.org: {}
119     mirror-accumu.debian.org:
120       service-hostname: accumu.debian.backend.mirrors.debian.org
121       fastly-backend: true
122     mirror-skroutz.debian.org:
123       service-hostname: skroutz.debian.backend.mirrors.debian.org
124       fastly-backend: true
125     mirror-isc.debian.org:
126       listen-addresses:
127         - '149.20.4.15:80'
128         - '[2001:4f8:1:c::15]:80'
129       onion_v4_address: 149.20.4.15
130     schmelzer.debian.org:
131       listen-addresses:
132         - '217.196.149.232:80'
133         - '[2a02:16a8:dc41:100::232]:80'
134       fastly-backend: true
135       service-hostname: conova.debian.backend.mirrors.debian.org
136   historical_master:
137     # XXX - used by ferm templates/defs.conf.erb
138     - sibelius.debian.org
139   historical_mirror:
140     # XXX used also in ferm me.conf.erb
141     - gretchaninov.debian.org
142     - klecker.debian.org
143     - schmelzer.debian.org
144     - sibelius.debian.org
145   debug_mirror:
146     # XXX used also in ferm me.conf.erb
147     mirror-accumu.debian.org:
148       onion_v4_address: 130.242.6.199
149       service-hostname: accumu.debug.backend.mirrors.debian.org
150     schmelzer.debian.org:
151       listen-addresses:
152         - '217.196.149.232:80'
153         - '[2a02:16a8:dc41:100::232]:80'
154       onion_v4_address: 217.196.149.232
155       service-hostname: conova.debug.backend.mirrors.debian.org
156   debug_mirror_onion:
157     - mirror-accumu.debian.org
158     - schmelzer.debian.org
159   ports_master:
160     # XXX - used by ferm templates/defs.conf.erb
161     - porta.debian.org
162   bgp:
163     - mirror-accumu.debian.org
164     - mirror-skroutz.debian.org
165   postgresql_server:
166     # postgresql instances not managed by puppet otherwise
167     - bmdb1.debian.org
168     - buxtehude.debian.org
169     - danzi.debian.org
170     - fasolo.debian.org
171     - lw07.debian.org
172     - melartin.debian.org
173     - postgresql-manda-01.debian.org
174     - sallinen.debian.org
175     - seger.debian.org
176     - snapshotdb-manda-01.debian.org
177     - vittoria.debian.org
178
179 classes:
180   - base::includes
Unnamed repository; edit this file 'description' to name the repository.