projects
/
mirror
/
dsa-puppet.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Revert "try to get node names this way"
[mirror/dsa-puppet.git]
/
modules
/
ferm
/
templates
/
me.conf.erb
diff --git
a/modules/ferm/templates/me.conf.erb
b/modules/ferm/templates/me.conf.erb
index
3a726d6
..
be82918
100644
(file)
--- a/
modules/ferm/templates/me.conf.erb
+++ b/
modules/ferm/templates/me.conf.erb
@@
-9,7
+9,7
@@
nodeinfo = scope.lookupvar('site::nodeinfo')
out = []
restricted_purposes = ['kvm host', 'central syslog server', 'puppet master', 'jumphost']
out = []
restricted_purposes = ['kvm host', 'central syslog server', 'puppet master', 'jumphost']
-restrict_ssh = %w{lebrun geo1 geo2 geo3 beethoven tchaikovsky schroeder draghi adayevskaya}
+restrict_ssh = %w{lebrun geo1 geo2 geo3 beethoven tchaikovsky schroeder draghi adayevskaya
denis
}
if (nodeinfo['ldap'].has_key?('purpose')) then
nodeinfo['ldap']['purpose'].each do |purp|
if (nodeinfo['ldap'].has_key?('purpose')) then
nodeinfo['ldap']['purpose'].each do |purp|
@@
-35,10
+35,6
@@
if restrict_ssh.include?(hostname) then
ssh4allowed << '$HOST_DEBIAN_V4'
ssh6allowed << '$HOST_DEBIAN_V6'
end
ssh4allowed << '$HOST_DEBIAN_V4'
ssh6allowed << '$HOST_DEBIAN_V6'
end
- if %w{unger}.include?(hostname) then
- ssh4allowed << '$UNGER_SSH_ACCESS' # Ganneff
- ssh6allowed << '$UNGER_SSH6_ACCESS' # Ganneff, but more address space
- end
if %w{adayevskaya}.include?(hostname) then
ssh4allowed << %w{$HOST_MAILRELAY_V4}
if %w{adayevskaya}.include?(hostname) then
ssh4allowed << %w{$HOST_MAILRELAY_V4}