add buildd master config

Signed-off-by: Stephen Gran <steve@lobefin.net>

diff --git a/modules/roles/files/buildd_master/apache.conf b/modules/roles/files/buildd_master/apache.conf
new file mode 100644 (file)
index 0000000..6832874
--- /dev/null
+++ b/modules/roles/files/buildd_master/apache.conf
@@ -0,0 +1,85 @@
+<Macro BuilddACL>
+       Order allow,deny
+       # thinks it's a good idea to spider buildd.php - with several hits a second.
+       # -- weasel, Mon, 23 Nov 2009 23:19:48 +0100
+       Deny From 129.128.11.23
+       # ignores robots.txt "Mozilla/5.0 (Twiceler-0.9 http://www.cuil.com/twiceler/robot.html)"
+       # -- weasel, Mon, 23 Nov 2009 23:25:13 +0100
+       Deny From 216.129.119.44
+       Allow From all
+</Macro>
+
+<VirtualHost *:80>
+       ServerAdmin admin@buildd.debian.org
+       DocumentRoot /org/buildd.debian.org/web
+       ServerName buildd.debian.org
+       DirectoryIndex index.html index.php index.cgi
+       ErrorLog /var/log/apache2/buildd.debian.org-error.log
+       CustomLog /var/log/apache2/buildd.debian.org-access.log combined
+
+       Redirect permanent / https://buildd.debian.org/
+
+       <Location />
+               Use BuilddACL
+       </Location>
+</VirtualHost>
+
+<VirtualHost *:443>
+       ServerAdmin admin@buildd.debian.org
+       DocumentRoot /org/buildd.debian.org/web
+       ServerName buildd.debian.org
+       DirectoryIndex index.html index.php index.cgi
+       ErrorLog /var/log/apache2/buildd.debian.org-error.log
+       CustomLog /var/log/apache2/buildd.debian.org-access.log combined
+
+       SSLEngine on
+       SSLCertificateFile /etc/ssl/certs/buildd.debian.org-chained.pem
+       SSLCertificateKeyFile /etc/ssl/private/buildd.debian.org.key
+       SSLCertificateChainFile /etc/ssl/certs/buildd.debian.org-chained.pem
+
+       <Directory /org/buildd.debian.org/web>
+               Use BuilddACL
+               AddHandler cgi-script .cgi
+               Options +ExecCGI +FollowSymLinks
+
+                AddHandler fcgid-script .php
+                FCGIWrapper /usr/bin/php5-cgi .php
+                <Files *.php>
+                        Options ExecCGI
+                </Files>
+       </Directory>
+       <Directory /org/buildd.debian.org/git>
+               Use BuilddACL
+               AllowOverride none
+               Options +FollowSymlinks +Indexes
+       </Directory>
+       <Directory /org/buildd.debian.org/etc/packages-arch-specific/checkout/>
+               Use BuilddACL
+               AllowOverride none
+               Options +FollowSymlinks +Indexes
+       </Directory>
+
+       Alias /git/ /org/buildd.debian.org/git/
+       Alias /quinn-diff/ /org/buildd.debian.org/etc/packages-arch-specific/checkout/
+        Alias /apt/ /org/buildd.debian.org/ftp-archive/archive/
+
+       RewriteEngine on
+       RewriteRule ^/\.git$ - [L]
+       RewriteRule ^/stats$ - [L]
+
+       RewriteRule ^/fetch\.(cgi|php)(.*)$ /status/fetch.php$2 [L,R,NE]
+       RewriteRule ^/pkg\.cgi(.*)$ /status/package.php$1 [L,R,NE]
+       RewriteRule ^/bymaint\.php(.*)$ /status/package.php$1 [L,R,NE]
+       RewriteRule ^/build\.(php|cgi)(.*)$ /status/logs.php$2 [L,R,NE]
+       RewriteRule ^/[^/]+\.(cgi|php|html|txt|ico|css)$ - [L]
+
+       RewriteRule ^/([^/]+\@.+)$ /status/package.php?p=$1 [L,R,B,NE]
+       RewriteRule ^/([-+A-Za-z0-9.]+)$ /status/package.php?p=$1 [L,R,B,NE]
+
+       <Location />
+               Use BuilddACL
+       </Location>
+</VirtualHost>
+
+# vim:set syn=apache:
+

diff --git a/modules/roles/manifests/buildd_master.pp b/modules/roles/manifests/buildd_master.pp
new file mode 100644 (file)
index 0000000..ba78ebf
--- /dev/null
+++ b/modules/roles/manifests/buildd_master.pp
@@ -0,0 +1,6 @@
+class roles::buildd_master {
+       apache2::site { '010-buildd.debian.org':
+               site   => 'buildd.debian.org',
+               source => 'puppet:///modules/roles/buildd_master/apache.conf'
+       }
+}