From 9183664fc9f40ea1e192c9751cbaa839d34c39fb Mon Sep 17 00:00:00 2001
From: Peter Palfrader <peter@palfrader.org>
Date: Mon, 24 Jun 2013 21:05:02 +0200
Subject: [PATCH] Make milanollo do more rsync

---
 modules/debian-org/misc/local.yaml        |  2 ++
 modules/ferm/manifests/per-host.pp        |  2 +-
 modules/roles/files/syncproxy/rsyncd.conf | 17 +++++++++++++++++
 modules/roles/manifests/init.pp           |  4 ++++
 modules/roles/manifests/syncproxy.pp      | 15 +++++++++++++++
 5 files changed, 39 insertions(+), 1 deletion(-)
 create mode 100644 modules/roles/files/syncproxy/rsyncd.conf
 create mode 100644 modules/roles/manifests/syncproxy.pp

diff --git a/modules/debian-org/misc/local.yaml b/modules/debian-org/misc/local.yaml
index fd3a3598..4844fe73 100644
--- a/modules/debian-org/misc/local.yaml
+++ b/modules/debian-org/misc/local.yaml
@@ -179,6 +179,8 @@ services:
     - reger.debian.org
   security_master:
     - chopin.debian.org
+  syncproxy:
+    - milanollo.debian.org
   www_master:
     - wolkenstein.debian.org
   keyring:
diff --git a/modules/ferm/manifests/per-host.pp b/modules/ferm/manifests/per-host.pp
index 6985de7d..72bf4f34 100644
--- a/modules/ferm/manifests/per-host.pp
+++ b/modules/ferm/manifests/per-host.pp
@@ -3,7 +3,7 @@ class ferm::per-host {
 		include ferm::zivit
 	}
 
-	if $::hostname in [glinka,klecker,merikanto,milanollo,ravel,rietz,senfl,sibelius,stabile] {
+	if $::hostname in [glinka,klecker,merikanto,ravel,rietz,senfl,sibelius,stabile] {
 		ferm::rule { 'dsa-rsync':
 			domain      => '(ip ip6)',
 			description => 'Allow rsync access',
diff --git a/modules/roles/files/syncproxy/rsyncd.conf b/modules/roles/files/syncproxy/rsyncd.conf
new file mode 100644
index 00000000..47403a2c
--- /dev/null
+++ b/modules/roles/files/syncproxy/rsyncd.conf
@@ -0,0 +1,17 @@
+uid = nobody
+gid = nogroup
+max connections = 30
+syslog facility = daemon
+socket options = SO_KEEPALIVE
+timeout = 7200
+
+# weasel 2007-11-19
+log file =  /var/log/rsyncd/rsyncd.log
+
+[debian]
+  path = /srv/mirrors/debian/
+  comment = Full Debian FTP Archive (~660 GB; contact mirrors@debian.org for access)
+  auth users = *
+  read only = true
+  secrets file = /etc/rsyncd/debian.secrets
+
diff --git a/modules/roles/manifests/init.pp b/modules/roles/manifests/init.pp
index d76823d1..4dcdb384 100644
--- a/modules/roles/manifests/init.pp
+++ b/modules/roles/manifests/init.pp
@@ -62,6 +62,10 @@ class roles {
 		include roles::wiki
 	}
 
+	if getfromhash($site::nodeinfo, 'syncproxy') {
+		include roles::syncproxy
+	}
+
 	if getfromhash($site::nodeinfo, 'static_master') {
 		include roles::static_master
 	}
diff --git a/modules/roles/manifests/syncproxy.pp b/modules/roles/manifests/syncproxy.pp
new file mode 100644
index 00000000..080196f8
--- /dev/null
+++ b/modules/roles/manifests/syncproxy.pp
@@ -0,0 +1,15 @@
+class roles::syncproxy {
+	rsync::site { 'syncproxy':
+		source => 'puppet:///modules/roles/syncproxy/rsyncd.conf',
+	}
+
+	file { '/etc/rsyncd':
+		ensure => 'directory'
+	}
+
+	file { '/etc/rsyncd/debian.secrets':
+		owner => 'root',
+		group => 'mirroradm',
+		mode => 0664,
+	}
+}
-- 
2.39.2