When e.g. accessing https://misc-web-lb.wikimedia.org/ over HTTP it currently serves a generic Wikimedia server error page (with a buried detail of "404, Domain not served here" in the footnotes).
Maybe it would make more sense to use the "Unconfigured domain" page instead, such used by app servers to respond to unknown domains pointing at text-lb (I can't think of one in production at the moment, but see http://unknown.beta.wmflabs.org/ for example)
The error details footer seems useful though, since this is technically a much lower-level triggered error. So we'll want to keep that.
I'm thinking maybe we can actually do the inverse and move the docroot/default from the operations/mediawiki-config repo to puppet (near the errorpage template), and have puppet create docroot/default for app servers. That way we can easily re-use these templates, keep their design and implementation consistent, as well as update them in one for future design changes and improvements.