1 class roles::snapshot_web {
3 include apache2::rewrite
11 ssl::service { 'snapshot.debian.org':
12 notify => Exec['service apache2 reload'],
15 apache2::site { '020-snapshot.debian.org':
16 site => 'snapshot.debian.org',
17 content => template('roles/snapshot/snapshot.debian.org.conf.erb')
22 $ipv4addr = '185.17.185.185'
23 $ipv6addr = '2001:1af8:4020:b030:deb::185'
24 $ipv6addr_apache = '2001:1af8:4020:b030:deb::187'
27 $ipv4addr = '193.62.202.27'
28 $ipv6addr = '2001:630:206:4000:1a1a:0:c13e:ca1b'
29 $ipv6addr_apache = '2001:630:206:4000:1a1a:0:c13e:ca1a'
32 fail ( "unknown host $::hostname for snapshot_web." )
36 @ferm::rule { 'dsa-snapshot-varnish-v4':
37 rule => '&SERVICE(tcp, 6081)',
39 @ferm::rule { 'dsa-nat-snapshot-varnish-v4':
41 chain => 'PREROUTING',
42 rule => "proto tcp daddr ${ipv4addr} dport 80 REDIRECT to-ports 6081",
45 varnish::config { 'default':
50 backend => 'file,/var/lib/varnish/varnish_storage.bin,8G',
51 content => template('roles/snapshot/snapshot.debian.org.vcl.erb'),
54 file { '/etc/apache2/ports.conf':
57 Listen [$ipv6addr_apache]:80
59 require => Package['apache2'],
60 notify => Service['apache2'],