X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fferm%2Fmanifests%2Fper-host.pp;h=0d2f563456ddfcc32fe63dbe792e02c73b7938f5;hb=44a5e04998648fc84ff1671d599c404f89bfadc6;hp=2a29a17c7c782c38bbe272a7d3786e334dcbf06c;hpb=7550b786699bc5adc492d99dee57db4860bb61c2;p=mirror%2Fdsa-puppet.git diff --git a/modules/ferm/manifests/per-host.pp b/modules/ferm/manifests/per-host.pp index 2a29a17c7..0d2f56345 100644 --- a/modules/ferm/manifests/per-host.pp +++ b/modules/ferm/manifests/per-host.pp @@ -12,11 +12,17 @@ class ferm::per-host { } case $hostname { - chopin,saens,villa,lobos,raff,gluck,schein,wieck,steffani,ries,rietz,franck,morricone,valente,klecker: { + chopin,franck,gluck,klecker,lobos,morricone,raff,ries,rietz,saens,schein,steffani,valente,villa,wieck: { include ferm::ftp } } + case $hostname { + ravel: { + include ferm::nfs-server + } + } + case $hostname { piatti: { @ferm::rule { "dsa-udd-stunnel": @@ -82,5 +88,27 @@ class ferm::per-host { rule => "&SERVICE(tcp, 25)" } } + draghi: { + @ferm::rule { "dsa-bind": + domain => "(ip ip6)", + description => "Allow nameserver access", + rule => "&TCP_UDP_SERVICE(53)" + } + @ferm::rule { "dsa-finger": + domain => "(ip ip6)", + description => "Allow finger access", + rule => "&SERVICE(tcp, 79)" + } + @ferm::rule { "dsa-ldap": + domain => "(ip ip6)", + description => "Allow ldap access", + rule => "&SERVICE(tcp, 389)" + } + @ferm::rule { "dsa-ldaps": + domain => "(ip ip6)", + description => "Allow ldaps access", + rule => "&SERVICE(tcp, 636)" + } + } } }