X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fferm%2Fmanifests%2Fper-host.pp;h=2d6c5bda37b438ec72a2700aa7b922ecace0aca2;hb=0561366171545ce443bc6901460e523b504cfddb;hp=b494c2a941a4e8244d6f27dec59ac01cc8bd2096;hpb=e63c8f520153204ce1bee4f4aca2b6eb0308a3f0;p=mirror%2Fdsa-puppet.git diff --git a/modules/ferm/manifests/per-host.pp b/modules/ferm/manifests/per-host.pp index b494c2a94..2d6c5bda3 100644 --- a/modules/ferm/manifests/per-host.pp +++ b/modules/ferm/manifests/per-host.pp @@ -6,19 +6,25 @@ class ferm::per-host { } } case $hostname { - franck,gluck,kaufmann,klecker,lobos,morricone,raff,ries,rietz,saens,schein,senfl,steffani,valente,villa,wieck: { + franck,gluck,kaufmann,kassia,klecker,lobos,morricone,raff,ries,rietz,saens,schein,senfl,steffani,valente,villa,wieck: { include ferm::rsync } } case $hostname { - saens,villa,lobos,raff,gluck,schein,wieck,steffani,ries,rietz,franck,morricone,valente,klecker: { + chopin,franck,gluck,kassia,klecker,lobos,morricone,ravel,raff,ries,rietz,saens,schein,steffani,valente,villa,wieck: { include ferm::ftp } } case $hostname { - piatti: { + ravel: { + include ferm::nfs-server + } + } + + case $hostname { + piatti,samosa: { @ferm::rule { "dsa-udd-stunnel": description => "port 8080 for udd stunnel", rule => "&SERVICE_RANGE(tcp, http-alt, ( 192.25.206.16 70.103.162.29 217.196.43.134 ))" @@ -82,5 +88,27 @@ class ferm::per-host { rule => "&SERVICE(tcp, 25)" } } + draghi: { + @ferm::rule { "dsa-bind": + domain => "(ip ip6)", + description => "Allow nameserver access", + rule => "&TCP_UDP_SERVICE(53)" + } + @ferm::rule { "dsa-finger": + domain => "(ip ip6)", + description => "Allow finger access", + rule => "&SERVICE(tcp, 79)" + } + @ferm::rule { "dsa-ldap": + domain => "(ip ip6)", + description => "Allow ldap access", + rule => "&SERVICE(tcp, 389)" + } + @ferm::rule { "dsa-ldaps": + domain => "(ip ip6)", + description => "Allow ldaps access", + rule => "&SERVICE(tcp, 636)" + } + } } }