1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
|
# File 'modules/profile/manifests/mirrors/serve.pp', line 1
class profile::mirrors::serve {
class { '::sslcert::dhparam': }
acme_chief::cert { 'mirrors':
puppet_svc => 'apache2',
}
# Remove former nginx server, before installing apache
package {[
'nginx-light',
'nginx-common',
]:
ensure => absent,
}
Package['nginx-light'] ~> Package['apache2']
class { '::httpd':
modules => ['ssl', 'macro', 'headers'],
}
httpd::site { 'mirrors':
content => epp(
'profile/mirrors/mirrors.wikimedia.org.conf.epp',
{ 'ssl_settings' => ssl_ciphersuite('apache', 'strong', true) },
),
}
file { '/srv/mirrors/index.html':
ensure => present,
owner => 'root',
group => 'root',
mode => '0444',
source => 'puppet:///modules/profile/mirrors/index.html',
}
class { 'rsync::server': }
ferm::service { 'mirrors_http':
proto => 'tcp',
port => '(http https)'
}
ferm::service { 'mirrors_rsync':
proto => 'tcp',
port => '873',
}
}
|