- reger.debian.org
security_master:
- chopin.debian.org
+ syncproxy:
+ - milanollo.debian.org
www_master:
- wolkenstein.debian.org
keyring:
include ferm::zivit
}
- if $::hostname in [glinka,klecker,merikanto,milanollo,ravel,rietz,senfl,sibelius,stabile] {
+ if $::hostname in [glinka,klecker,merikanto,ravel,rietz,senfl,sibelius,stabile] {
ferm::rule { 'dsa-rsync':
domain => '(ip ip6)',
description => 'Allow rsync access',
--- /dev/null
+uid = nobody
+gid = nogroup
+max connections = 30
+syslog facility = daemon
+socket options = SO_KEEPALIVE
+timeout = 7200
+
+# weasel 2007-11-19
+log file = /var/log/rsyncd/rsyncd.log
+
+[debian]
+ path = /srv/mirrors/debian/
+ comment = Full Debian FTP Archive (~660 GB; contact mirrors@debian.org for access)
+ auth users = *
+ read only = true
+ secrets file = /etc/rsyncd/debian.secrets
+
include roles::wiki
}
+ if getfromhash($site::nodeinfo, 'syncproxy') {
+ include roles::syncproxy
+ }
+
if getfromhash($site::nodeinfo, 'static_master') {
include roles::static_master
}
--- /dev/null
+class roles::syncproxy {
+ rsync::site { 'syncproxy':
+ source => 'puppet:///modules/roles/syncproxy/rsyncd.conf',
+ }
+
+ file { '/etc/rsyncd':
+ ensure => 'directory'
+ }
+
+ file { '/etc/rsyncd/debian.secrets':
+ owner => 'root',
+ group => 'mirroradm',
+ mode => 0664,
+ }
+}