projects
/
mirror
/
dsa-puppet.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Drop sibelius from postgres-make-base-backups
[mirror/dsa-puppet.git]
/
modules
/
ferm
/
templates
/
me.conf.erb
diff --git
a/modules/ferm/templates/me.conf.erb
b/modules/ferm/templates/me.conf.erb
index
21d3548
..
1dfbe96
100644
(file)
--- a/
modules/ferm/templates/me.conf.erb
+++ b/
modules/ferm/templates/me.conf.erb
@@
-44,6
+44,10
@@
if restrict_ssh.include?(@hostname) then
ssh4allowed << %w{$HOST_DEBIAN_V4}
ssh6allowed << %w{$HOST_DEBIAN_V6}
end
ssh4allowed << %w{$HOST_DEBIAN_V4}
ssh6allowed << %w{$HOST_DEBIAN_V6}
end
+ if scope.function_has_role(['puppetmaster']) then
+ ssh4allowed << "5.153.231.5" # adayevskaya
+ ssh6allowed << "2001:41c8:1000:21::21:5" # adayevskaya
+ end
if scope.function_has_role(['dns_primary']) then
ssh4allowed << "5.153.231.5" # adayevskaya
ssh6allowed << "2001:41c8:1000:21::21:5" # adayevskaya
if scope.function_has_role(['dns_primary']) then
ssh4allowed << "5.153.231.5" # adayevskaya
ssh6allowed << "2001:41c8:1000:21::21:5" # adayevskaya
@@
-61,6
+65,7
@@
if restrict_ssh.include?(@hostname) then
end
if scope.function_has_role(['debian_mirror']) or
scope.function_has_role(['security_mirror']) or
end
if scope.function_has_role(['debian_mirror']) or
scope.function_has_role(['security_mirror']) or
+ scope.function_has_role(['debug_mirror']) or
scope.function_has_role(['historical_mirror']) or
scope.function_has_role(['syncproxy']) then
ssh4allowed << '$HOST_MIRRORMASTER_V4'
scope.function_has_role(['historical_mirror']) or
scope.function_has_role(['syncproxy']) then
ssh4allowed << '$HOST_MIRRORMASTER_V4'
@@
-86,12
+91,16
@@
if restrict_ssh.include?(@hostname) then
ssh4allowed << '$HOST_PORTSMASTER_V4'
ssh6allowed << '$HOST_PORTSMASTER_V6'
end
ssh4allowed << '$HOST_PORTSMASTER_V4'
ssh6allowed << '$HOST_PORTSMASTER_V6'
end
+ if scope.function_has_role(['debug_mirror']) then
+ ssh4allowed << '$HOST_FTPMASTER_V4'
+ ssh6allowed << '$HOST_FTPMASTER_V6'
+ end
end
ssh4allowed.length == 0 and ssh4allowed << '0.0.0.0/0'
ssh6allowed.length == 0 and ssh6allowed << '::/0'
end
ssh4allowed.length == 0 and ssh4allowed << '0.0.0.0/0'
ssh6allowed.length == 0 and ssh6allowed << '::/0'
-out << "@def $SSH_SOURCES = (#{ssh4allowed.join(' ')});"
-out << "@def $SSH_V6_SOURCES = (#{ssh6allowed.join(' ')});"
+out << "@def $SSH_SOURCES = (
$SSH_SOURCES
#{ssh4allowed.join(' ')});"
+out << "@def $SSH_V6_SOURCES = (
$SSH_V6_SOURCES
#{ssh6allowed.join(' ')});"