projects
/
mirror
/
dsa-puppet.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Remove the pkglist fact. It's a) unused and b) slightly buggy
[mirror/dsa-puppet.git]
/
modules
/
roles
/
manifests
/
bgp.pp
diff --git
a/modules/roles/manifests/bgp.pp
b/modules/roles/manifests/bgp.pp
index
d3fbb39
..
9e1cdf5
100644
(file)
--- a/
modules/roles/manifests/bgp.pp
+++ b/
modules/roles/manifests/bgp.pp
@@
-1,16
+1,22
@@
class roles::bgp {
$bgp_peers = $::hostname ? {
class roles::bgp {
$bgp_peers = $::hostname ? {
- bilbao => '2001:41c9:2:13c::/128 89.16.162.0/32',
- default => undef,
+ mirror-accumu => '2001:6b0:1e:2::1c6/128 130.242.6.198/32',
+ mirror-skroutz => '2a03:e40:42:200::151:1/128 2a03:e40:42:200::151:2/128 154.57.0.249/32 154.57.0.250',
+ default => undef,
}
if ! $bgp_peers {
fail("Do not have bgp_peers set for $::hostname.")
}
}
if ! $bgp_peers {
fail("Do not have bgp_peers set for $::hostname.")
}
-
@
ferm::rule { 'dsa-bgp':
+ ferm::rule { 'dsa-bgp':
description => 'Allow BGP from peers',
domain => '(ip ip6)',
description => 'Allow BGP from peers',
domain => '(ip ip6)',
- rule =>
'&SERVICE_RANGE(tcp, ssh, $bgp_peers)'
+ rule =>
"&SERVICE_RANGE(tcp, bgp, ($bgp_peers))"
}
}
+
+ file { '/etc/network/interfaces.d/anycasted':
+ content => template('roles/anycast/interfaces.erb')
+ }
+
}
}