restricted ssh access to geo machines as well

[mirror/dsa-puppet.git] / modules / ferm / templates / me.conf.erb

diff --git a/modules/ferm/templates/me.conf.erb b/modules/ferm/templates/me.conf.erb
index 6ae7696..2a4a1e3 100644 (file)
--- a/modules/ferm/templates/me.conf.erb
+++ b/modules/ferm/templates/me.conf.erb
@@ -9,7 +9,7 @@
 sshallowed = []
 
 case hostname
-  when 'logtest01', 'geo1' then sshallowed << [ '$DSA_IPS', '$HOST_NAGIOS_V4', '$HOST_DB_V4' ]
+  when 'logtest01', 'geo1', 'geo2', 'geo3' then sshallowed << [ '$DSA_IPS', '$HOST_NAGIOS_V4', '$HOST_DB_V4' ]
 end
 
 if sshallowed.length == 0
@@ -24,11 +24,11 @@ sshallowed.join(' ')
 sshallowed = []
 
 case hostname
-  when 'logtest01', 'geo1' then sshallowed << [ '$DSA_V6_IPS', '$HOST_NAGIOS_V6', '$HOST_DB_V6' ]
+  when 'logtest01', 'geo1', 'geo2', 'geo3' then sshallowed << [ '$DSA_V6_IPS', '$HOST_NAGIOS_V6', '$HOST_DB_V6' ]
 end
 
 if sshallowed.length == 0
-  sshallowed = [ ':::' ]
+  sshallowed = [ '::' ]
 end
 
 sshallowed.join(' ')