projects
/
mirror
/
dsa-puppet.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Set up ssh between snapshot nodes
[mirror/dsa-puppet.git]
/
modules
/
roles
/
manifests
/
security_master.pp
diff --git
a/modules/roles/manifests/security_master.pp
b/modules/roles/manifests/security_master.pp
index
702e2e2
..
143259f
100644
(file)
--- a/
modules/roles/manifests/security_master.pp
+++ b/
modules/roles/manifests/security_master.pp
@@
-1,4
+1,6
@@
class roles::security_master {
class roles::security_master {
+ include roles::dakmaster
+
ssl::service { 'security-master.debian.org':
notify => Exec['service apache2 reload'],
key => true,
ssl::service { 'security-master.debian.org':
notify => Exec['service apache2 reload'],
key => true,
@@
-14,9
+16,9
@@
class roles::security_master {
# export ssh allow rules for hosts that we should be able to access
@@ferm::rule::simple { "dsa-ssh-from-security_master-${::fqdn}":
# export ssh allow rules for hosts that we should be able to access
@@ferm::rule::simple { "dsa-ssh-from-security_master-${::fqdn}":
- tag => 'ssh::server::
allow
::security_master',
+ tag => 'ssh::server::
from
::security_master',
description => 'Allow ssh access from security_master',
description => 'Allow ssh access from security_master',
-
port => '22
',
+
chain => 'ssh
',
saddr => $base::public_addresses,
}
}
saddr => $base::public_addresses,
}
}