hieradata/common.yaml

   1 ---
   2
   3 lookup_options:
   4   # with merge: unique entries in other hiera sources add to the array
   5   resolv::searchpaths:
   6     merge: unique
   7   apt::sources::debian::location:
   8     merge: unique
   9
  10 resolv::resolv::nameservers: []
  11 resolv::searchpaths: ['debian.org']
  12 allow_dns_query: []
  13 role_config__mirrors:
  14   mirror_basedir_prefix: '/srv/mirrors/'
  15 role_config__syncproxy:
  16   mirror_basedir_prefix: '/srv/mirrors/'
  17 samhain_recipients:
  18   - 'debian-archive-debian-samhain-reports@master.debian.org'
  19   - 'debian-admin@ftbfs.de'
  20   - 'weasel@debian.org'
  21   - 'zumbi@oron.es'
  22 root_mail_alias:
  23   - 'debian-admin@debian.org'
  24 paths:
  25   letsencrypt_dir: '/srv/puppet.debian.org/from-letsencrypt'
  26   auto_certs_dir: '/srv/puppet.debian.org/ca/RESULT/certs'
  27   auto_clientcerts_dir: '/srv/puppet.debian.org/ca/RESULT/clientcerts'
  28 apt::sources::debian::location: 'https://deb.debian.org/debian/'
  29
  30 # all of these should be retired in favour of including the class role
  31 # with the host. weasel, 2019-09
  32 roles:
  33   bugsmx:
  34     - buxtehude.debian.org
  35   bugs_master:
  36     - buxtehude.debian.org
  37   bugs_mirror:
  38     - beach.debian.org
  39   bugs_base:
  40     - buxtehude.debian.org
  41     - beach.debian.org
  42   contributors:
  43     - nono.debian.org
  44   dbmaster:
  45     - draghi.debian.org
  46   debtags:
  47     - tate.debian.org
  48   dns_primary:
  49     - denis.debian.org
  50   dns_geo:
  51     - geo1.debian.org
  52     - geo2.debian.org
  53     - geo3.debian.org
  54   extranrpeclient:
  55     - denis.debian.org
  56   ftp_master:
  57     - fasolo.debian.org
  58   ftp.upload.d.o:
  59     - coccia.debian.org
  60     - usper.debian.org
  61   api.ftp-master:
  62     - coccia.debian.org
  63   dgit_browse:
  64     - cgi-grnet-01.debian.org
  65   dgit_git:
  66     - cgi-grnet-01.debian.org
  67   git_master:
  68     - adayevskaya.debian.org
  69   historicalpackages:
  70     - hier.debian.org
  71   keyring:
  72     - kaufmann.debian.org
  73   lists:
  74     - bendel.debian.org
  75   mailrelay:
  76     - mailly.debian.org
  77     - muffat.debian.org
  78   manpages-dyn:
  79     - manziarly.debian.org
  80     - cgi-grnet-01.debian.org
  81   mirrormaster:
  82     - melartin.debian.org
  83   muninmaster:
  84     - menotti.debian.org
  85   nagiosmaster:
  86     - tchaikovsky.debian.org
  87   nm:
  88     - nono.debian.org
  89   packages:
  90     - picconi.debian.org
  91     - pkgmirror-csail.debian.org
  92   packagesmaster:
  93     - picconi.debian.org
  94   packagesqamaster:
  95     - quantz.debian.org
  96   people:
  97     - paradis.debian.org
  98   piuparts:
  99     - pejacevic.debian.org
 100   piuparts_slave:
 101     - piu-slave-bm-a.debian.org
 102     - piu-slave-ubc-01.debian.org
 103   popcon:
 104     - pinel.debian.org
 105   pubsub:
 106     - rainier.debian.org
 107     - rapoport.debian.org
 108   qamaster:
 109     - quantz.debian.org
 110   rtmaster:
 111     - reger.debian.org
 112   rtc:
 113     - vogler.debian.org
 114   search_backend:
 115     - wolkenstein.debian.org
 116   search_frontend:
 117     - cgi-grnet-01.debian.org
 118   archvsync_base_additional:
 119   # this is usually pulled in by *-mirror or syncproxy roles
 120     - dummy
 121   security_master:
 122     - seger.debian.org
 123   security_mirror:
 124     mirror-anu.debian.org:
 125       fastly-backend: false
 126     mirror-csail.debian.org:
 127       fastly-backend: false
 128     mirror-isc.debian.org:
 129       onion_v4_address: 149.20.4.14
 130     mirror-umn.debian.org:
 131       onion_v4_address: 128.101.240.215
 132     mirror-accumu.debian.org:
 133       fastly-backend: false
 134     mirror-skroutz.debian.org:
 135       fastly-backend: false
 136     lobos.debian.org:
 137       service-hostname: lobos.security.backend.mirrors.debian.org
 138       fastly-backend: false
 139       onion_v4_address: 212.211.132.250
 140     santoro.debian.org:
 141       fastly-backend: false
 142     schmelzer.debian.org:
 143       fastly-backend: false
 144     schumann.debian.org:
 145       service-hostname: schumann.security.backend.mirrors.debian.org
 146       fastly-backend: true
 147     setoguchi.debian.org:
 148       fastly-backend: false
 149     sechter.debian.org:
 150       fastly-backend: false
 151     villa.debian.org:
 152       service-hostname: villa.security.backend.mirrors.debian.org
 153       fastly-backend: true
 154       onion_v4_address: 212.211.132.32
 155     wieck.debian.org:
 156       service-hostname: wieck.security.backend.mirrors.debian.org
 157       fastly-backend: true
 158   security_tracker:
 159     - soriano.debian.org
 160   security_upload:
 161     - suchon.debian.org
 162   ssh.upload.d.o:
 163     - coccia.debian.org
 164     - suchon.debian.org
 165     - usper.debian.org
 166   sso:
 167     - diabelli.debian.org
 168   # single sign on relying party (host) - also required apache2 module enabled on that host via other means
 169   sso_rp:
 170     - debussy.debian.org
 171     - diabelli.debian.org
 172     - jerea.debian.org
 173     - nono.debian.org
 174     - quantz.debian.org
 175     - tate.debian.org
 176     - ticharich.debian.org
 177     - wilder.debian.org
 178     - wuiet.debian.org
 179   static_master:
 180     - dillon.debian.org
 181     - fasolo.debian.org
 182     - porta.debian.org
 183     - static-master-grnet-01.debian.org
 184   static_mirror:
 185     - klecker.debian.org
 186     - mirror-anu.debian.org
 187     - mirror-csail.debian.org
 188     - mirror-isc.debian.org
 189     - senfter.debian.org
 190     - santoro.debian.org
 191   static_mirror_onion:
 192     - klecker.debian.org
 193     - mirror-isc.debian.org
 194     - senfter.debian.org
 195   # when adding a new static mirror, allow it to sync etc, but do not push to it and wait for it.  For this, also add it to static_mirror_nopush.
 196   static_mirror_nopush:
 197     - dummy
 198   static_source:
 199     - boott.debian.org
 200     - casulana.debian.org
 201     - coccia.debian.org
 202     - dillon.debian.org
 203     - donizetti.debian.org
 204     - fasolo.debian.org
 205     - kaufmann.debian.org
 206     - lindsay.debian.org
 207     - manziarly.debian.org
 208     - mekeel.debian.org
 209     - melartin.debian.org
 210     - porta.debian.org
 211     - philp.debian.org
 212     - respighi.debian.org
 213     - wolkenstein.debian.org
 214     - wuiet.debian.org
 215   syncproxy:
 216     - gretchaninov.debian.org
 217     - klecker.debian.org
 218     - milanollo.debian.org
 219     - mirror-anu.debian.org
 220     - mirror-isc.debian.org
 221     - mirror-umn.debian.org
 222     - schmelzer.debian.org
 223     - smit.debian.org
 224   tracker:
 225     - ticharich.debian.org
 226   udd:
 227     - ullmann.debian.org
 228   vote:
 229     - vento.debian.org
 230   weblog_destination:
 231     - wolkenstein.debian.org
 232   weblog_provider:
 233     - klecker.debian.org
 234     - mirror-anu.debian.org
 235     - mirror-csail.debian.org
 236     - mirror-isc.debian.org
 237     - mirror-umn.debian.org
 238     - santoro.debian.org
 239     - senfter.debian.org
 240   wiki:
 241     - wilder.debian.org
 242   www_master:
 243     - wolkenstein.debian.org
 244   cgi.d.o:
 245     - wolkenstein.debian.org
 246   postgres_backup_server:
 247     - backuphost.debian.org
 248     - storace.debian.org
 249   bacula_director:
 250     - dinis.debian.org
 251   bacula_storage:
 252     - storace.debian.org
 253   dabackup_client:
 254     - lw03.debian.org
 255   gobby_debian_org:
 256     - gombert.debian.org
 257   veyepar.debian.org:
 258     - vittoria.debian.org
 259   sreview.debian.org:
 260     - vittoria.debian.org
 261   debian_mirror:
 262     klecker.debian.org:
 263       listen-addresses:
 264         - '130.89.148.12:80'
 265         - '[2001:67c:2564:a119::148:12]:80'
 266       onion_v4_address: 130.89.148.12
 267     mirror-accumu.debian.org:
 268       service-hostname: accumu.debian.backend.mirrors.debian.org
 269       fastly-backend: true
 270     mirror-skroutz.debian.org:
 271       service-hostname: skroutz.debian.backend.mirrors.debian.org
 272       fastly-backend: true
 273     mirror-isc.debian.org:
 274       listen-addresses:
 275         - '149.20.4.15:80'
 276         - '[2001:4f8:1:c::15]:80'
 277       onion_v4_address: 149.20.4.15
 278     schmelzer.debian.org:
 279       listen-addresses:
 280         - '217.196.149.232:80'
 281         - '[2a02:16a8:dc41:100::232]:80'
 282       fastly-backend: true
 283       service-hostname: conova.debian.backend.mirrors.debian.org
 284   historical_master:
 285     - sibelius.debian.org
 286   historical_mirror:
 287     - gretchaninov.debian.org
 288     - klecker.debian.org
 289     - schmelzer.debian.org
 290     - sibelius.debian.org
 291   debug_mirror:
 292     mirror-accumu.debian.org:
 293       onion_v4_address: 130.242.6.199
 294       service-hostname: accumu.debug.backend.mirrors.debian.org
 295     schmelzer.debian.org:
 296       listen-addresses:
 297         - '217.196.149.232:80'
 298         - '[2a02:16a8:dc41:100::232]:80'
 299       onion_v4_address: 217.196.149.232
 300       service-hostname: conova.debug.backend.mirrors.debian.org
 301   debug_mirror_onion:
 302     - mirror-accumu.debian.org
 303     - schmelzer.debian.org
 304   ports_mirror:
 305     - klecker.debian.org
 306     - mirror-isc.debian.org
 307   ports_mirror_onion:
 308     - klecker.debian.org
 309     - mirror-isc.debian.org
 310   planet_master:
 311     - philp.debian.org
 312   planet_search:
 313     - philp.debian.org
 314   i18n.d.o:
 315     - tye.debian.org
 316   l10n.d.o:
 317     - tye.debian.org
 318   dedup.d.n:
 319     - delfin.debian.org
 320   pet.d.n:
 321     - petrova.debian.org
 322   ports_master:
 323     - porta.debian.org
 324   onionbalance:
 325     - olin.debian.org
 326   bgp:
 327     - mirror-accumu.debian.org
 328     - mirror-skroutz.debian.org
 329   cdimage-search:
 330     - cgi-grnet-01.debian.org
 331   apache_prefork:
 332     # php needs this
 333     - quantz.debian.org
 334     - tchaikovsky.debian.org
 335     - wuiet.debian.org
 336   postgresql_server:
 337     # postgresql instances not managed by puppet otherwise
 338     - bmdb1.debian.org
 339     - buxtehude.debian.org
 340     - danzi.debian.org
 341     - fasolo.debian.org
 342     - lw07.debian.org
 343     - melartin.debian.org
 344     - sallinen.debian.org
 345     - seger.debian.org
 346     - snapshotdb-manda-01.debian.org
 347     - vittoria.debian.org
 348   salsa.debian.org:
 349     - godard.debian.org
 350   insecure_ssl:
 351     - debussy.debian.org
 352     - godard.debian.org
 353   debsources:
 354     - sor.debian.org
 355   ipsec:
 356     - fasolo.debian.org
 357     - storace.debian.org
 358   debconf_wafer:
 359     - debussy.debian.org
 360   apache_not_public:
 361     # Hosts that run apache but where it should not be open to the internet by
 362     # default
 363     - casulana.debian.org
 364   apache_ratelimited:
 365     - beach.debian.org
 366     - buxtehude.debian.org
 367     - lw07.debian.org
 368     - picconi.debian.org
 369     - pkgmirror-csail.debian.org
 370     - sallinen.debian.org
 371   cdbuilder_local_mirror:
 372     - casulana.debian.org
 373   alioth_archive:
 374     - grabbe.debian.org
 375   snapshot_web:
 376     - lw07.debian.org
 377     - sallinen.debian.org
 378   snapshot_shell:
 379     - lw08.debian.org
 380   anonscm:
 381     - cgi-grnet-01.debian.org
 382
 383 classes:
 384   - base::includes