projects
/
mirror
/
dsa-puppet.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
more?
[mirror/dsa-puppet.git]
/
modules
/
ferm
/
templates
/
me.conf.erb
diff --git
a/modules/ferm/templates/me.conf.erb
b/modules/ferm/templates/me.conf.erb
index
7069f59
..
3de244e
100644
(file)
--- a/
modules/ferm/templates/me.conf.erb
+++ b/
modules/ferm/templates/me.conf.erb
@@
-7,10
+7,10
@@
out = []
restricted_purposes = {'kvm host', 'central syslog server', 'puppet master', 'jumphost'}
out = []
restricted_purposes = {'kvm host', 'central syslog server', 'puppet master', 'jumphost'}
-restrict_ssh = %w{lebrun
logtest01
geo1 geo2 geo3 beethoven tchaikovsky schroeder rossini draghi}
+restrict_ssh = %w{lebrun geo1 geo2 geo3 beethoven tchaikovsky schroeder rossini draghi}
-if (
nodeinfo
['ldap'].has_key?('purpose')) then
-
nodeinfo
['ldap']['purpose'].each do |purp|
+if (
scope.lookupvar('site::nodeinfo')
['ldap'].has_key?('purpose')) then
+
scope.lookupvar('site::nodeinfo')
['ldap']['purpose'].each do |purp|
if restricted_purposes.include?(purp) then
restrict_ssh << hostname
end
if restricted_purposes.include?(purp) then
restrict_ssh << hostname
end
@@
-49,7
+49,7
@@
out << "@def $SSH_V6_SOURCES = (#{ssh6allowed.join(' ')});"
smtp4allowed = []
smtp6allowed = []
smtp4allowed = []
smtp6allowed = []
-if not
nodeinfo
['smarthost'].empty?
+if not
scope.lookupvar('site::nodeinfo')
['smarthost'].empty?
smtp4allowed << %w{$HOST_MAILRELAY_V4 $HOST_NAGIOS_V4}
smtp6allowed << %w{$HOST_MAILRELAY_V6 $HOST_NAGIOS_V6}
end
smtp4allowed << %w{$HOST_MAILRELAY_V4 $HOST_NAGIOS_V4}
smtp6allowed << %w{$HOST_MAILRELAY_V6 $HOST_NAGIOS_V6}
end