projects / mirror / dsa-puppet.git / blob
? search:


0ccd7b4e35d9b0ce2f1a2ca240d123569fb08dfe
[mirror/dsa-puppet.git] / modules / roles / manifests / sreview.pp
1 class roles::sreview {
2         ssl::service { 'sreview.debian.net': notify  => Exec['service apache2 reload'], key => true, }
3
4         $now = Timestamp()
5         $date = $now.strftime('%F')
6
7         if versioncmp($date, '2019-08-15') <= 0 {
8                 @ferm::rule { 'temporary-dc19-access':
9                         description     => 'temporarily allow DC19 access, cf. RT#7845',
10                         rule            => '&SERVICE_RANGE(tcp, 5432, ( 200.134.17.48/28 ))',
11                 }
12         } else {
13                 # also clean up pg_hba on vittoria
14                 notify {"Temporary DC19 ferm rule expired, cf. RT#7845":
15                         loglevel => warning, }
16         }
17
18         file { '/var/lib/systemd/linger':
19                 ensure => directory,
20                 mode   => '755',
21         }
22         file { '/var/lib/systemd/linger/sreview':
23                 ensure => present,
24         }
25 }
Unnamed repository; edit this file 'description' to name the repository.