projects
/
mirror
/
dsa-puppet.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
pubsub: do not hardcode IPs
[mirror/dsa-puppet.git]
/
modules
/
roles
/
manifests
/
pubsub.pp
diff --git
a/modules/roles/manifests/pubsub.pp
b/modules/roles/manifests/pubsub.pp
index
d165fcc
..
324bac6
100644
(file)
--- a/
modules/roles/manifests/pubsub.pp
+++ b/
modules/roles/manifests/pubsub.pp
@@
-36,21
+36,14
@@
class roles::pubsub {
}
if $::hostname == $cc_master {
}
if $::hostname == $cc_master {
- $you = '82.195.75.95'
- $you6 = '2001:41b8:202:deb::311:95'
+ $other = join(getfromhash($deprecated::allnodeinfo, "${cc_secondary}.debian.org", 'ipHostNumber'), " ")
} else {
} else {
- $you = '82.195.75.94'
- $you6 = '2001:41b8:202:deb::311:94'
+ $other = join(getfromhash($deprecated::allnodeinfo, "${cc_master}.debian.org", 'ipHostNumber'), " ")
}
ferm::rule { 'rabbitmq_cluster':
}
ferm::rule { 'rabbitmq_cluster':
- domain => 'ip',
- description => 'rabbitmq cluster connections',
- rule => "proto tcp mod state state (NEW) saddr (${you}) ACCEPT"
- }
- ferm::rule { 'rabbitmq_cluster_v6':
- domain => 'ip6',
+ domain => '(ip ip6)',
description => 'rabbitmq cluster connections',
description => 'rabbitmq cluster connections',
- rule => "proto tcp mod state state (NEW) saddr (${
you6
}) ACCEPT"
+ rule => "proto tcp mod state state (NEW) saddr (${
other
}) ACCEPT"
}
}
}
}