From: Stephen Gran <steve@lobefin.net>
Date: Mon, 16 Sep 2013 06:56:46 +0000 (+0100)
Subject: add buildd master config
X-Git-Url: https://git.donarmstrong.com/?a=commitdiff_plain;h=237421928fde8cb040a6e65e9161dbf593c802f4;p=dsa-puppet.git

add buildd master config

Signed-off-by: Stephen Gran <steve@lobefin.net>
---

diff --git a/modules/roles/files/buildd_master/apache.conf b/modules/roles/files/buildd_master/apache.conf
new file mode 100644
index 00000000..6832874d
--- /dev/null
+++ b/modules/roles/files/buildd_master/apache.conf
@@ -0,0 +1,85 @@
+<Macro BuilddACL>
+	Order allow,deny
+	# thinks it's a good idea to spider buildd.php - with several hits a second.
+	# -- weasel, Mon, 23 Nov 2009 23:19:48 +0100
+	Deny From 129.128.11.23
+	# ignores robots.txt "Mozilla/5.0 (Twiceler-0.9 http://www.cuil.com/twiceler/robot.html)"
+	# -- weasel, Mon, 23 Nov 2009 23:25:13 +0100
+	Deny From 216.129.119.44
+	Allow From all
+</Macro>
+
+<VirtualHost *:80>
+	ServerAdmin admin@buildd.debian.org
+	DocumentRoot /org/buildd.debian.org/web
+	ServerName buildd.debian.org
+	DirectoryIndex index.html index.php index.cgi
+	ErrorLog /var/log/apache2/buildd.debian.org-error.log
+	CustomLog /var/log/apache2/buildd.debian.org-access.log combined
+
+	Redirect permanent / https://buildd.debian.org/
+
+	<Location />
+		Use BuilddACL
+	</Location>
+</VirtualHost>
+
+<VirtualHost *:443>
+	ServerAdmin admin@buildd.debian.org
+	DocumentRoot /org/buildd.debian.org/web
+	ServerName buildd.debian.org
+	DirectoryIndex index.html index.php index.cgi
+	ErrorLog /var/log/apache2/buildd.debian.org-error.log
+	CustomLog /var/log/apache2/buildd.debian.org-access.log combined
+
+	SSLEngine on
+	SSLCertificateFile /etc/ssl/certs/buildd.debian.org-chained.pem
+	SSLCertificateKeyFile /etc/ssl/private/buildd.debian.org.key
+	SSLCertificateChainFile /etc/ssl/certs/buildd.debian.org-chained.pem
+
+	<Directory /org/buildd.debian.org/web>
+		Use BuilddACL
+		AddHandler cgi-script .cgi
+		Options +ExecCGI +FollowSymLinks
+
+                AddHandler fcgid-script .php
+                FCGIWrapper /usr/bin/php5-cgi .php
+                <Files *.php>
+                        Options ExecCGI
+                </Files>
+	</Directory>
+	<Directory /org/buildd.debian.org/git>
+		Use BuilddACL
+		AllowOverride none
+		Options +FollowSymlinks +Indexes
+	</Directory>
+	<Directory /org/buildd.debian.org/etc/packages-arch-specific/checkout/>
+		Use BuilddACL
+		AllowOverride none
+		Options +FollowSymlinks +Indexes
+	</Directory>
+
+	Alias /git/ /org/buildd.debian.org/git/
+	Alias /quinn-diff/ /org/buildd.debian.org/etc/packages-arch-specific/checkout/
+        Alias /apt/ /org/buildd.debian.org/ftp-archive/archive/
+
+	RewriteEngine on
+	RewriteRule ^/\.git$ - [L]
+	RewriteRule ^/stats$ - [L]
+
+	RewriteRule ^/fetch\.(cgi|php)(.*)$ /status/fetch.php$2 [L,R,NE]
+	RewriteRule ^/pkg\.cgi(.*)$ /status/package.php$1 [L,R,NE]
+	RewriteRule ^/bymaint\.php(.*)$ /status/package.php$1 [L,R,NE]
+	RewriteRule ^/build\.(php|cgi)(.*)$ /status/logs.php$2 [L,R,NE]
+	RewriteRule ^/[^/]+\.(cgi|php|html|txt|ico|css)$ - [L]
+
+	RewriteRule ^/([^/]+\@.+)$ /status/package.php?p=$1 [L,R,B,NE]
+	RewriteRule ^/([-+A-Za-z0-9.]+)$ /status/package.php?p=$1 [L,R,B,NE]
+
+	<Location />
+		Use BuilddACL
+	</Location>
+</VirtualHost>
+
+# vim:set syn=apache:
+
diff --git a/modules/roles/manifests/buildd_master.pp b/modules/roles/manifests/buildd_master.pp
new file mode 100644
index 00000000..ba78ebf3
--- /dev/null
+++ b/modules/roles/manifests/buildd_master.pp
@@ -0,0 +1,6 @@
+class roles::buildd_master {
+	apache2::site { '010-buildd.debian.org':
+		site   => 'buildd.debian.org',
+		source => 'puppet:///modules/roles/buildd_master/apache.conf'
+	}
+}