}
}
case $hostname {
- franck,gluck,kaufmann,klecker,lobos,morricone,raff,ries,rietz,saens,schein,senfl,steffani,valente,villa,wieck: {
+ franck,gluck,kaufmann,kassia,klecker,lobos,morricone,raff,ries,rietz,saens,schein,senfl,steffani,valente,villa,wieck: {
include ferm::rsync
}
}
case $hostname {
- saens,villa,lobos,raff,gluck,schein,wieck,steffani,ries,rietz,franck,morricone,valente,klecker: {
+ chopin,franck,gluck,kassia,klecker,lobos,morricone,ravel,raff,ries,rietz,saens,schein,steffani,valente,villa,wieck: {
include ferm::ftp
}
}
+ case $hostname {
+ ravel: {
+ include ferm::nfs-server
+ }
+ }
+
case $hostname {
piatti: {
@ferm::rule { "dsa-udd-stunnel":
rule => "&SERVICE(tcp, 25)"
}
}
+ draghi: {
+ @ferm::rule { "dsa-bind":
+ domain => "(ip ip6)",
+ description => "Allow nameserver access",
+ rule => "&TCP_UDP_SERVICE(53)"
+ }
+ @ferm::rule { "dsa-finger":
+ domain => "(ip ip6)",
+ description => "Allow finger access",
+ rule => "&SERVICE(tcp, 79)"
+ }
+ @ferm::rule { "dsa-ldap":
+ domain => "(ip ip6)",
+ description => "Allow ldap access",
+ rule => "&SERVICE(tcp, 389)"
+ }
+ @ferm::rule { "dsa-ldaps":
+ domain => "(ip ip6)",
+ description => "Allow ldaps access",
+ rule => "&SERVICE(tcp, 636)"
+ }
+ }
}
}
projects / mirror / dsa-puppet.git / blobdiff