4 ssl::service { 'www.debian.org':
7 concat { '/etc/ssl/debian/certs/www.debian.org-chained.crt':
9 concat::fragment { '/etc/ssl/debian/certs/www.debian.org.crt':
10 target => '/etc/ssl/debian/certs/www.debian.org-chained.crt',
11 source => 'file:///etc/ssl/debian/certs/www.debian.org.crt',
13 require => File['/etc/ssl/debian/certs/www.debian.org.crt']
15 concat::fragment { '/etc/ssl/debian/certs/www.debian.org.crt-chain':
16 target => '/etc/ssl/debian/certs/www.debian.org-chained.crt',
17 source => 'file:///etc/ssl/debian/certs/www.debian.org.crt-chain',
19 require => File['/etc/ssl/debian/certs/www.debian.org.crt-chain']
22 @ferm::rule { 'dsa-sip-ws-ip4':
24 description => 'SIP connections (WebSocket; for WebRTC)',
25 rule => 'proto tcp dport (443) ACCEPT'
27 @ferm::rule { 'dsa-sip-ws-ip6':
29 description => 'SIP connections (WebSocket; for WebRTC)',
30 rule => 'proto tcp dport (443) ACCEPT'
32 @ferm::rule { 'dsa-sip-tls-ip4':
34 description => 'SIP connections (TLS)',
35 rule => 'proto tcp dport (5061) ACCEPT'
37 @ferm::rule { 'dsa-sip-tls-ip6':
39 description => 'SIP connections (TLS)',
40 rule => 'proto tcp dport (5061) ACCEPT'
42 @ferm::rule { 'dsa-turn-ip4':
44 description => 'TURN connections',
45 rule => 'proto udp dport (3478) ACCEPT'
47 @ferm::rule { 'dsa-turn-ip6':
49 description => 'TURN connections',
50 rule => 'proto udp dport (3478) ACCEPT'
52 @ferm::rule { 'dsa-turn-tls-ip4':
54 description => 'TURN connections (TLS)',
55 rule => 'proto tcp dport (5349) ACCEPT'
57 @ferm::rule { 'dsa-turn-tls-ip6':
59 description => 'TURN connections (TLS)',
60 rule => 'proto tcp dport (5349) ACCEPT'
62 @ferm::rule { 'dsa-rtp-ip4':
64 description => 'RTP streams',
65 rule => 'proto udp dport (49152:65535) ACCEPT'
67 @ferm::rule { 'dsa-rtp-ip6':
69 description => 'RTP streams',
70 rule => 'proto udp dport (49152:65535) ACCEPT'