X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fferm%2Fmanifests%2Fper-host.pp;h=7fd1a4eab811d55d223ce5d9dd87c7a47ceb6a98;hb=8eae878d974ede65e7ac5fa6eef6e91c86845bb5;hp=d41f657945e1f87316038da74f4fbdb90d340193;hpb=c2d7c2c6141a812e63429f94827d8c99b3e1deac;p=mirror%2Fdsa-puppet.git

diff --git a/modules/ferm/manifests/per-host.pp b/modules/ferm/manifests/per-host.pp
index d41f65794..7fd1a4eab 100644
--- a/modules/ferm/manifests/per-host.pp
+++ b/modules/ferm/manifests/per-host.pp
@@ -3,7 +3,7 @@ class ferm::per-host {
 		include ferm::zivit
 	}
 
-	if $::hostname in [klecker,merikanto,powell,ravel,rietz,senfl,sibelius,stabile] {
+	if $::hostname in [glinka,klecker,merikanto,powell,ravel,rietz,senfl,sibelius,stabile] {
 		ferm::rule { 'dsa-rsync':
 			domain      => '(ip ip6)',
 			description => 'Allow rsync access',
@@ -42,6 +42,12 @@ class ferm::per-host {
 				rule            => '&SERVICE_RANGE(tcp, 5433, ( 2607:f8f0:610:4000:6564:a62:ce0c:138d/128 ))'
 			}
 		}
+		czerny,clementi: {
+			@ferm::rule { 'dsa-upsmon':
+				description     => 'Allow upsmon access',
+				rule            => '&SERVICE_RANGE(tcp, 3493, ( 82.195.75.64/26 192.168.43.0/24 ))'
+			}
+		}
 		danzi: {
 			@ferm::rule { 'dsa-postgres-danzi':
 				description     => 'Allow postgress access',