diff --git a/inventory/group_vars/download b/inventory/group_vars/download new file mode 100644 index 0000000000..da6589f58f --- /dev/null +++ b/inventory/group_vars/download @@ -0,0 +1,66 @@ +--- +dl-tier1: + - 71.19.151.18 # prgmr.com / nb.zone + - 128.171.104.148 # mirror.ancl.hawaii.edu. + - 129.101.198.59 # University of Idaho + - 129.21.171.98 # kirby.main.ad.rit.edu. + - 129.7.128.189 # pubmirror1.math.uh.edu. + - 129.7.128.190 # pubmirror2.math.uh.edu. + - 130.239.17.3 # its-ehm.its.umu.se. + - 140.247.173.57 # pool-computing-servers.seas.harvard.edu. + - 149.11.118.8/29 # Red Hat CZ + - 149.20.20.132 # zeus1.kernel.org. + - 152.19.134.145 # vm6.fedora.ibiblio.org. + - 152.19.134.195 # vm15.fedora.ibiblio.org. + - 182.255.111.7 # dksn-k4.cdn.aarnet.edu.au. + - 195.220.108.108 # mandril.creatis.insa-lyon.fr. + - 198.129.224.34 # linux-src.es.net. + - 199.6.1.170 # isc.org + - 200.17.202.1/28 # ufpr.br + - 202.158.214.12 # bne-a-vms1.retain.aarnet.edu.au. + - 204.152.191.36 # isc.org + - 208.96.144.16 # University of Southern Indiana + - 208.96.144.90 # University of Southern Indiana + - 213.175.37.8/29 # ?? + - 2001:388:1:4066:225:90ff:fec7:777e # ?? + - 2001:4DE8:C0FD::/48 # ?? + - 2001:978:2:81::1:0/112 # ?? + - archive.linux.duke.edu # 152.3.102.53 + - auslistsdr01.us.dell.com # 143.166.224.62 + - auslistsprd01.us.dell.com # 143.166.82.43 + - bonaparte.hrz.tu-chemnitz.de # 134.109.228.109 + - download-ib01.fedoraproject.org # 152.19.134.145 + - fedora.c3sl.ufpr.br # 200.236.31.8 + - frisal.switch.ch # 130.59.113.36 + - ftp.heanet.ie # 193.1.193.64 + - ftp.linux.cz # 147.251.48.205 + - ftp.nrc.ca # 132.246.2.21 + - jobbot1.ibiblio.org # 152.19.134.30 + - josephine.hrz.tu-chemnitz.de # 134.109.228.48 + - lists.us.dell.com # 143.166.82.43 + - mirror.gtlib.gatech.edu # 128.61.111.11 + - mirror.hiwaay.net # 216.180.99.217 + - mirror.liquidtelecom.com # 197.155.77.1 + - mirror.prgmr.com # 71.19.148.193 + - mirror.speedpartner.de # 91.184.32.5 + - mirrors.mit.edu # 18.7.29.125 + - mirrors.rit.edu # 129.21.171.72 + - mirrors.xmission.com # 198.60.22.13 + - odysseus.fi.muni.cz # 147.251.48.205 + - odysseus.linux.cz # 147.251.48.205 + - pao-korg-mirror.kernel.org # 149.20.4.68 + - rhlx01.hs-esslingen.de # 129.143.116.10 + - rsyncer.ftp.heanet.ie # 193.1.219.88 + - sagres.c3sl.ufpr.br # 200.236.31.1 + - scrye.com # 75.148.32.185 + - sfo-korg-mirror.kernel.org # 149.20.37.36 + - sinclair.wpi.edu # 130.215.32.86 + - solar-one.mit.edu # 18.7.29.123 + - speculum.rbc.ru # 80.68.250.217 + - tiz-korg-mirror.kernel.org # 198.145.20.143 + - torrent01.fedoraproject.org # 152.19.134.141 + - torrent02.fedoraproject.org # 152.19.134.148 + - ultra.linux.cz # 195.113.15.27 + - wpi.edu # 130.215.36.26 + - zaphod.gtlib.gatech.edu # 128.61.111.12 + - zeus2.kernel.org # 149.20.4.68 diff --git a/roles/rsyncd/templates/rsyncd.conf.download.j2 b/roles/rsyncd/templates/rsyncd.conf.download.j2 new file mode 100644 index 0000000000..ba4d531634 --- /dev/null +++ b/roles/rsyncd/templates/rsyncd.conf.download.j2 @@ -0,0 +1,160 @@ +## Download template +pid file = /var/run/rsyncd.pid +syslog facility = daemon +max connections = 20 +timeout = 2400 +use chroot = yes +uid = nobody +gid = nobody +#transfer logging = false +motd file = /etc/motd_fedora +log file = /var/log/rsyncd-fedora.log + +dont compress = *.gz *.tgz *.zip *.z *.rpm *.deb *.bz2 *.iso *.ogg *.ogv *.tbz +exclude = .snapshot/ .~tmp~/ /.private/ /.private/** **/.nfs* +ignore nonreadable = yes +list = true +read only = yes +refuse options = checksum + +[ fedora-alt ] + comment = non-Fedora Alternative Content + path = /srv/pub/alt + {% if host in groups['download-tier1'] %} + hosts allow = {% for host in vars['dl-tier1'] %}{{host}},{% endfor %} + {% endif %} + +[fedora-archive] + comment = Fedora Release Archives + path = /srv/pub/archive + {% if host in groups['download-tier1'] %} + hosts allow = {% for host in vars['dl-tier1'] %}{{host}},{% endfor %} + {% endif %} + +[ fedora-enchilada ] + comment = Fedora - The whole enchilada + path = /srv/pub/fedora + {% if host in groups['download-tier1'] %} + hosts allow = {% for host in vars['dl-tier1'] %}{{host}},{% endfor %} + {% endif %} + +[ fedora-buffet ] + comment = Fedora - The whole buffet. All you can eat. + path = /srv/pub + {% if host in groups['download-tier1'] %} + hosts allow = {% for host in vars['dl-tier1'] %}{{host}},{% endfor %} + {% endif %} + +[ fedora-epel ] + comment = Extra Packages for Enterprise Linux + path = /srv/pub/epel + {% if host in groups['download-tier1'] %} + hosts allow = {% for host in vars['dl-tier1'] %}{{host}},{% endfor %} + {% endif %} + +[ fedora-linux-releases ] + comment = Fedora Linux Releases + path = /srv/pub/fedora/linux/releases + {% if host in groups['download-tier1'] %} + hosts allow = {% for host in vars['dl-tier1'] %}{{host}},{% endfor %} + {% endif %} + +[ fedora-linux-development ] + comment = Fedora Linux Development + path = /srv/pub/fedora/linux/development + {% if host in groups['download-tier1'] %} + hosts allow = {% for host in vars['dl-tier1'] %}{{host}},{% endfor %} + {% endif %} + +[ fedora-linux-updates ] + comment = Fedora Linux Updates + path = /srv/pub/fedora/linux/updates + {% if host in groups['download-tier1'] %} + hosts allow = {% for host in vars['dl-tier1'] %}{{host}},{% endfor %} + {% endif %} + +[fedora-secondary] + comment = Fedora Secondary Archs + path = /srv/pub/fedora-secondary + {% if host in groups['download-tier1'] %} + hosts allow = {% for host in vars['dl-tier1'] %}{{host}},{% endfor %} + {% endif %} + +[ fedora-stage ] + comment = Staging directory + path = /srv/pub/alt/stage/ + {% if host in groups['download-tier1'] %} + hosts allow = {% for host in vars['dl-tier1'] %}{{host}},{% endfor %} + {% endif %} + +[ deltaisos ] + comment = Delta isos + path = /srv/pub/alt/stage/deltaisos + {% if host in groups['download-tier1'] %} + hosts allow = {% for host in vars['dl-tier1'] %}{{host}},{% endfor %} + {% endif %} + +[ fedora-live-respins ] + comment = Fedora Live Respins + path = /srv/pub/alt/live-respins + {% if host in groups['download-tier1'] %} + hosts allow = {% for host in vars['dl-tier1'] %}{{host}},{% endfor %} + {% endif %} +## +## The following are not seen and are limited by IP. +## +## All entries should be hostnames that resolve to the reverse dns not ips + +[fedora-enchilada0] + comment = Fedora Enchilada for Tier0|1 Mirrors + path = /srv/pub/fedora/ + list = no + uid = nobody + gid = 263 + hosts allow = {% for host in vars['dl-tier1'] %}{{host}},{% endfor %} + +[fedora-buffet0] + comment = Fedora Buffet for Tier0|1 Mirrors + path = /srv/pub/ + list = no + uid = nobody + gid = 263 + hosts allow = {% for host in vars['dl-tier1'] %}{{host}},{% endfor %} + + +[fedora-epel0] + comment = Fedora EPEL for Tier0|1 Mirrors + path = /srv/pub/epel/ + list = no + uid = nobody + gid = 263 + hosts allow = {% for host in vars['dl-tier1'] %}{{host}},{% endfor %} + + +[fedora-alt0] + comment = Fedora ALT for Tier0|1 Mirrors + path = /srv/pub/alt/ + list = no + uid = nobody + gid = 263 + hosts allow = {% for host in vars['dl-tier1'] %}{{host}},{% endfor %} + + +[fedora-archive0] + comment = Fedora Archive for Tier0|1 Mirrors + path = /srv/pub/archive/ + list = no + uid = nobody + gid = 263 + hosts allow = {% for host in vars['dl-tier1'] %}{{host}},{% endfor %} + + +# For distributing applications +[log] + comment = Server Logs + path = /var/log + uid = root + gid = root + read only = yes + hosts allow = 10.5.126.13 + list = no