- $logfile = '/var/log/ftp/vsftpd-security-master.debian.org.log'
-
- vsftpd::site { 'security':
- content => template('roles/security_master/vsftpd.conf.erb'),
- logfile => $logfile,
- bind => $bind,
- }
-
- if $bind6 {
- vsftpd::site { 'security-v6':
- content => template('roles/security_master/vsftpd.conf.erb'),
- logfile => $logfile,
- bind => $bind6,
- }
- }
+ # export ssh allow rules for hosts that we should be able to access
+ @@ferm::rule::simple { "dsa-ssh-from-security_master-${::fqdn}":
+ tag => 'ssh::server::from::security_master',
+ description => 'Allow ssh access from security_master',
+ chain => 'ssh',
+ saddr => $base::public_addresses,
+ }