Restart slapd on TLS cert renew

[mirror/dsa-puppet.git] / modules / roles / manifests / static_base.pp

diff --git a/modules/roles/manifests/static_base.pp b/modules/roles/manifests/static_base.pp
index ed1f55f..8a92526 100644 (file)
--- a/modules/roles/manifests/static_base.pp
+++ b/modules/roles/manifests/static_base.pp
@@ -7,7 +7,7 @@ class roles::static_base {
        }
 
        file { '/etc/static-components.conf':
-               source => 'puppet:///modules/roles/static-mirroring/static-components.conf',
+               content => template('roles/static-mirroring/static-components.conf.erb'),
        }
 
        file { '/etc/ssh/userkeys/staticsync':
@@ -23,13 +23,13 @@ class roles::static_base {
 
        @ferm::rule { 'dsa-static-bt-v4':
                description => 'Allow bt between static hosts',
-               rule        => 'proto tcp mod state state (NEW) mod multiport destination-ports (6881-6999) @subchain \'static-bt\' { saddr ($HOST_STATIC_V4) ACCEPT; }',
+               rule        => 'proto tcp mod state state (NEW) mod multiport destination-ports (6881:6999) @subchain \'static-bt\' { saddr ($HOST_STATIC_V4) ACCEPT; }',
                notarule    => true,
        }
        @ferm::rule { 'dsa-static-bt-v6':
                description => 'Allow bt between static hosts',
                domain      => 'ip6',
-               rule        => 'proto tcp mod state state (NEW) mod multiport destination-ports (6881-6999) @subchain \'static-bt\' { saddr ($HOST_STATIC_V6) ACCEPT; }',
+               rule        => 'proto tcp mod state state (NEW) mod multiport destination-ports (6881:6999) @subchain \'static-bt\' { saddr ($HOST_STATIC_V6) ACCEPT; }',
                notarule    => true,
        }
 }