projects / mirror / dsa-puppet.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
ftpmaster has an apache
[mirror/dsa-puppet.git] / modules / roles / manifests / ftp_master.pp
1 class roles::ftp_master {
2   include roles::dakmaster
3   include roles::signing
4   include apache2
5
6   rsync::site { 'dakmaster':
7     source      => 'puppet:///modules/roles/dakmaster/rsyncd.conf',
8     # Needs to be at least number of direct mirrors plus some spare
9     max_clients => 50,
10     sslname     => 'ftp-master.debian.org',
11   }
12
13   ssl::service { 'ftp-master.debian.org':
14     notify   => Exec['service apache2 reload'],
15     key      => true,
16     tlsaport => [443, 1873],
17   }
18
19   # export ssh allow rules for hosts that we should be able to access
20   @@ferm::rule::simple { "dsa-ssh-from-ftp_master-${::fqdn}":
21     tag         => 'ssh::server::from::ftp_master',
22     description => 'Allow ssh access from ftp_master',
23     chain       => 'ssh',
24     saddr       => $base::public_addresses,
25   }
26 }
Unnamed repository; edit this file 'description' to name the repository.