modules/roles/manifests/debian_mirror.pp

   1 class roles::debian_mirror {
   2   include roles::archvsync_base
   3
   4   $mirror_basedir_prefix = hiera('role_config__mirrors.mirror_basedir_prefix')
   5   $archive_root = "${mirror_basedir_prefix}debian"
   6   $listen_addresses = hiera('roles.debian_mirror')
   7     .dig($::fqdn, 'listen-addresses')
   8     .then |$a| { $a }
   9     .lest || { ['*:80'] }
  10
  11   $vhost_listen = join([
  12     *$listen_addresses,
  13     has_role('bgp') ? {
  14       true    => '193.31.7.2:80 [2a02:158:ffff:deb::2]:80',
  15       default => '',
  16     }], ' ')
  17
  18   apache2::site { '010-ftp.debian.org':
  19     site    => 'ftp.debian.org',
  20     content => template('roles/apache-ftp.debian.org.erb'),
  21   }
  22
  23   $onion_v4_addr = hiera('roles.debian_mirror', {})
  24     .dig($::fqdn, 'onion_v4_address')
  25   if $onion_v4_addr {
  26     onion::service { 'ftp.debian.org':
  27       port           => 80,
  28       target_port    => 80,
  29       target_address => $onion_v4_addr,
  30     }
  31   }
  32
  33   $hosts_to_check = hiera('roles.debian_mirror', {})
  34     .filter |$h| { $h[1]['fastly-backend'] }
  35     .map |$h| { $h[1]['service-hostname'] }
  36
  37   roles::mirror_health { 'ftp':
  38     check_hosts   => $hosts_to_check,
  39     check_service => 'ftp',
  40     url           => 'http://debian.backend.mirrors.debian.org/debian/dists/sid/Release',
  41     health_url    => 'http://debian.backend.mirrors.debian.org/_health',
  42   }
  43
  44   Ferm::Rule::Simple <<| tag == 'ssh::server::from::syncproxy' |>>
  45 }