projects
/
mirror
/
dsa-puppet.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
dsa_systemd::override: cleanup and make sure removal cleans the dir also
[mirror/dsa-puppet.git]
/
modules
/
nfs_server
/
manifests
/
init.pp
diff --git
a/modules/nfs_server/manifests/init.pp
b/modules/nfs_server/manifests/init.pp
index
f066a57
..
e5b25e5
100644
(file)
--- a/
modules/nfs_server/manifests/init.pp
+++ b/
modules/nfs_server/manifests/init.pp
@@
-18,7
+18,7
@@
class nfs_server {
case $::hostname {
lw01,lw02,lw03,lw04,lw09,lw10: {
case $::hostname {
lw01,lw02,lw03,lw04,lw09,lw10: {
- $client_range = '(1
0.0.0.0/8 1
72.29.188.0/24)'
+ $client_range = '(172.29.188.0/24)'
}
milanollo,senfter: {
$client_range = '172.29.122.0/24'
}
milanollo,senfter: {
$client_range = '172.29.122.0/24'
@@
-39,23
+39,23
@@
class nfs_server {
}
}
}
}
-
@
ferm::rule { 'dsa-portmap':
+ ferm::rule { 'dsa-portmap':
description => 'Allow portmap access',
rule => "&TCP_UDP_SERVICE_RANGE(111, $client_range)"
}
description => 'Allow portmap access',
rule => "&TCP_UDP_SERVICE_RANGE(111, $client_range)"
}
-
@
ferm::rule { 'dsa-nfs':
+ ferm::rule { 'dsa-nfs':
description => 'Allow nfsd access',
rule => "&TCP_UDP_SERVICE_RANGE(2049, $client_range)"
}
description => 'Allow nfsd access',
rule => "&TCP_UDP_SERVICE_RANGE(2049, $client_range)"
}
-
@
ferm::rule { 'dsa-status':
+ ferm::rule { 'dsa-status':
description => 'Allow statd access',
rule => "&TCP_UDP_SERVICE_RANGE(10000, $client_range)"
}
description => 'Allow statd access',
rule => "&TCP_UDP_SERVICE_RANGE(10000, $client_range)"
}
-
@
ferm::rule { 'dsa-mountd':
+ ferm::rule { 'dsa-mountd':
description => 'Allow mountd access',
rule => "&TCP_UDP_SERVICE_RANGE(10002, $client_range)"
}
description => 'Allow mountd access',
rule => "&TCP_UDP_SERVICE_RANGE(10002, $client_range)"
}
-
@
ferm::rule { 'dsa-lockd':
+ ferm::rule { 'dsa-lockd':
description => 'Allow lockd access',
rule => "&TCP_UDP_SERVICE_RANGE(10003, $client_range)"
}
description => 'Allow lockd access',
rule => "&TCP_UDP_SERVICE_RANGE(10003, $client_range)"
}