security_master -> hiera role

[mirror/dsa-puppet.git] / modules / roles / manifests / security_master.pp

diff --git a/modules/roles/manifests/security_master.pp b/modules/roles/manifests/security_master.pp
index 6f92d33..c627ac0 100644 (file)
--- a/modules/roles/manifests/security_master.pp
+++ b/modules/roles/manifests/security_master.pp
@@ -1,4 +1,6 @@
 class roles::security_master {
+  include roles::dakmaster
+
   ssl::service { 'security-master.debian.org':
     notify   => Exec['service apache2 reload'],
     key      => true,
@@ -13,9 +15,9 @@ class roles::security_master {
   }
 
   # export ssh allow rules for hosts that we should be able to access
-  @@ferm::rule::simple { "dsa-ssh-from-syncproxy-${::fqdn}":
-    tag         => 'ssh::server::allow::security-master',
-    description => 'Allow ssh access from security-master',
+  @@ferm::rule::simple { "dsa-ssh-from-security_master-${::fqdn}":
+    tag         => 'ssh::server::from::security_master',
+    description => 'Allow ssh access from security_master',
     port        => '22',
     saddr       => $base::public_addresses,
   }