projects / mirror / dsa-puppet.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
One of the last changes broke dbmaster role based ferm rules
[mirror/dsa-puppet.git] / modules / ferm / templates / me.conf.erb
diff --git a/modules/ferm/templates/me.conf.erb b/modules/ferm/templates/me.conf.erb
index 615f633..072c2c0 100644 (file)
--- a/modules/ferm/templates/me.conf.erb
+++ b/modules/ferm/templates/me.conf.erb
@@ -25,8 +25,9 @@ should_restrict = restrict_ssh.include?(@hostname)
 
 
 if should_restrict then
-       ssh4allowed << %w{$DSA_IPS    $HOST_NAGIOS_V4 $HOST_MUNIN_V4 $HOST_DB_V4}
-       ssh6allowed << %w{$DSA_V6_IPS $HOST_NAGIOS_V6 $HOST_MUNIN_V6 $HOST_DB_V6}
+       # draghi makes for a nice jumphost
+       ssh4allowed << %w{$DSA_IPS    $HOST_NAGIOS_V4 $HOST_MUNIN_V4  82.195.75.106}
+       ssh6allowed << %w{$DSA_V6_IPS $HOST_NAGIOS_V6 $HOST_MUNIN_V6  2001:41b8:202:deb:1a1a:0:52c3:4b6a}
 
        if %w{draghi}.include?(@hostname) then
                ssh4allowed << '$HOST_DEBIAN_V4'
Unnamed repository; edit this file 'description' to name the repository.