class roles::historical_master {
- $sslname = 'archive-master.debian.org'
-
- rsync::site_systemd { 'archive_master':
- source => 'puppet:///modules/roles/historical_master/rsyncd.conf',
- max_clients => 100,
- sslname => $sslname,
- }
-
- ssl::service { $sslname:
- key => true,
- tlsaport => [],
- }
+ # export ssh allow rules for hosts that we should be able to access
+ @@ferm::rule::simple { "dsa-ssh-from-historical_master-${::fqdn}":
+ tag => 'ssh::server::from::historical_master',
+ description => 'Allow ssh access from historical-master',
+ chain => 'ssh',
+ saddr => $base::public_addresses,
+ }
}