- vsftpd::site { 'ports-master':
- banner => 'ports-master.debian.org FTP server',
- logfile => '/var/log/ftp/vsftpd-ports-master.debian.org.log',
- writable => true,
- writable_other => true,
- chown_user => mini-dak-unpriv,
- root => '/srv/ports-master.debian.org/ftp.upload',
- }
+ vsftpd::site { 'ports-master':
+ banner => 'ports-master.debian.org FTP server',
+ logfile => '/var/log/ftp/vsftpd-ports-master.debian.org.log',
+ writable => true,
+ writable_other => true,
+ chown_user => mini-dak-unpriv,
+ root => '/srv/ports-master.debian.org/ftp.upload',
+ }
+
+ # export ssh allow rules for hosts that we should be able to access
+ @@ferm::rule::simple { "dsa-ssh-from-ports_master-${::fqdn}":
+ tag => 'ssh::server::from::ports_master',
+ description => 'Allow ssh access from ports-master',
+ port => '22',
+ saddr => $base::public_addresses,
+ }