and onions for ftp.ports.d.o and debug.mirrors.d.o

author Peter Palfrader <peter@palfrader.org>

Fri, 29 Jul 2016 23:22:54 +0000 (23:22 +0000)

committer Peter Palfrader <peter@palfrader.org>

Fri, 29 Jul 2016 23:22:54 +0000 (23:22 +0000)
author Peter Palfrader <peter@palfrader.org>
Fri, 29 Jul 2016 23:22:54 +0000 (23:22 +0000)
committer Peter Palfrader <peter@palfrader.org>
Fri, 29 Jul 2016 23:22:54 +0000 (23:22 +0000)
diff --git a/hieradata/common.yaml b/hieradata/common.yaml

index 6c154c9..a1dc93d 100644 (file)
--- a/hieradata/common.yaml
+++ b/hieradata/common.yaml
@@ -213,9 +213,15 @@ roles:
    debug_mirror:
      - klecker.debian.org
      - mirror-isc.debian.org
+  debug_mirror_onion:
+    - klecker.debian.org
+    - mirror-isc.debian.org
    ports_mirror:
      - klecker.debian.org
      - mirror-isc.debian.org
+  ports_mirror_onion:
+    - klecker.debian.org
+    - mirror-isc.debian.org
    planet_search:
      - philp.debian.org
    i18n.d.o:
diff --git a/modules/roles/manifests/debug_mirror.pp b/modules/roles/manifests/debug_mirror.pp

index da70581..94c73a5 100644 (file)
--- a/modules/roles/manifests/debug_mirror.pp
+++ b/modules/roles/manifests/debug_mirror.pp
@@ -4,9 +4,26 @@ class roles::debug_mirror {
                 mirror-isc => '149.20.20.22:80 [2001:4f8:8:36::1deb:22]:80',
                 default => '*:80',
         }
+       $onion_v4_addr = $::hostname ? {
+               klecker    => '130.89.148.14',
+               mirror-isc => '149.20.20.22',
+               default    => undef,
+       }
  
         apache2::site { '010-debug.mirrors.debian.org':
                 site   => 'debug.mirrors.debian.org',
                 content => template('roles/apache-debug.mirrors.debian.org.erb'),
         }
+
+       if has_role('static_mirror_onion') {
+               if ! $onion_v4_addr {
+                       fail("Do not have an onion_v4_addr set for $::hostname.")
+               }
+
+               onion::service { 'debug.mirrors.debian.org':
+                       port => 80,
+                       target_port => 80,
+                       target_address => $onion_v4_addr,
+               }
+       }
  }
diff --git a/modules/roles/manifests/onionbalance.pp b/modules/roles/manifests/onionbalance.pp

index 8935211..ec870b4 100644 (file)
--- a/modules/roles/manifests/onionbalance.pp
+++ b/modules/roles/manifests/onionbalance.pp
@@ -45,4 +45,6 @@ class roles::onionbalance {
  
         # non-static.d.o
         onion::balance_service { 'security.debian.org': }
+       onion::balance_service { 'debug.mirrors.debian.org': }
+       onion::balance_service { 'ftp.ports.debian.org': }
  }
diff --git a/modules/roles/manifests/ports_mirror.pp b/modules/roles/manifests/ports_mirror.pp

index ff0d601..31cf1b5 100644 (file)
--- a/modules/roles/manifests/ports_mirror.pp
+++ b/modules/roles/manifests/ports_mirror.pp
@@ -4,9 +4,26 @@ class roles::ports_mirror {
                 mirror-isc => '149.20.20.22:80 [2001:4f8:8:36::1deb:22]:80',
                 default => '*:80',
         }
+       $onion_v4_addr = $::hostname ? {
+               klecker    => '130.89.148.14',
+               mirror-isc => '149.20.20.22',
+               default    => undef,
+       }
  
         apache2::site { '010-ftp.ports.debian.org':
                 site   => 'ftp.ports.debian.org',
                 content => template('roles/apache-ftp.ports.debian.org.erb'),
         }
+
+       if has_role('static_mirror_onion') {
+               if ! $onion_v4_addr {
+                       fail("Do not have an onion_v4_addr set for $::hostname.")
+               }
+
+               onion::service { 'ftp.ports.debian.org':
+                       port => 80,
+                       target_port => 80,
+                       target_address => $onion_v4_addr,
+               }
+       }
  }
diff --git a/modules/roles/templates/apache-debug.mirrors.debian.org.erb b/modules/roles/templates/apache-debug.mirrors.debian.org.erb

index 51c4545..5d2ac23 100644 (file)
--- a/modules/roles/templates/apache-debug.mirrors.debian.org.erb
+++ b/modules/roles/templates/apache-debug.mirrors.debian.org.erb
@@ -6,6 +6,9 @@
  <VirtualHost <%= vhost_listen %> >
          ServerAdmin debian-admin@debian.org
          ServerName debug.mirrors.debian.org
+        <% if scope.function_onion_global_service_hostname(['debug.mirrors.debian.org']) -%>
+        ServerAlias <%= scope.function_onion_global_service_hostname(['debug.mirrors.debian.org']) %>
+        <% end %>
  
          RedirectMatch "^/$" /debian-debug/
          Alias /debian-debug /srv/mirrors/debian-debug
diff --git a/modules/roles/templates/apache-ftp.ports.debian.org.erb b/modules/roles/templates/apache-ftp.ports.debian.org.erb

index 42c3fb2..5a060ce 100644 (file)
--- a/modules/roles/templates/apache-ftp.ports.debian.org.erb
+++ b/modules/roles/templates/apache-ftp.ports.debian.org.erb
@@ -6,7 +6,9 @@
  <VirtualHost <%= vhost_listen %> >
          ServerAdmin debian-admin@debian.org
          ServerName ftp.ports.debian.org
-
+        <% if scope.function_onion_global_service_hostname(['ftp.ports.debian.org']) -%>
+        ServerAlias <%= scope.function_onion_global_service_hostname(['ftp.ports.debian.org']) %>
+        <% end %>
  
          ErrorLog /var/log/apache2/ftp.ports.debian.org-error.log
          LogLevel warn
author	Peter Palfrader <peter@palfrader.org>
	Fri, 29 Jul 2016 23:22:54 +0000 (23:22 +0000)
committer	Peter Palfrader <peter@palfrader.org>
	Fri, 29 Jul 2016 23:22:54 +0000 (23:22 +0000)
hieradata/common.yaml		patch \| blob \| history
modules/roles/manifests/debug_mirror.pp		patch \| blob \| history
modules/roles/manifests/onionbalance.pp		patch \| blob \| history
modules/roles/manifests/ports_mirror.pp		patch \| blob \| history
modules/roles/templates/apache-debug.mirrors.debian.org.erb		patch \| blob \| history
modules/roles/templates/apache-ftp.ports.debian.org.erb		patch \| blob \| history