X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fferm%2Fmanifests%2Fper_host.pp;h=49c7baacfd3e818cdc203ca0ebf21d20f04f28ac;hb=47df1304ad8067cd1a220f80c910b61097f3a3e7;hp=7668641b80ad30cb6a644cb653e3847ec8f29aba;hpb=97669532c8d024b55d005dfa3cda683acfd622be;p=mirror%2Fdsa-puppet.git

diff --git a/modules/ferm/manifests/per_host.pp b/modules/ferm/manifests/per_host.pp
index 7668641b8..49c7baacf 100644
--- a/modules/ferm/manifests/per_host.pp
+++ b/modules/ferm/manifests/per_host.pp
@@ -10,23 +10,6 @@ class ferm::per_host {
         rule        => '&SERVICE_RANGE(tcp, 3493, ( 82.195.75.64/26 192.168.43.0/24 ))'
       }
     }
-    draghi: {
-      ferm::rule { 'dsa-finger':
-        domain      => '(ip ip6)',
-        description => 'Allow finger access',
-        rule        => '&SERVICE(tcp, 79)'
-      }
-      ferm::rule { 'dsa-ldap':
-        domain      => '(ip ip6)',
-        description => 'Allow ldap access',
-        rule        => '&SERVICE(tcp, 389)'
-      }
-      ferm::rule { 'dsa-ldaps':
-        domain      => '(ip ip6)',
-        description => 'Allow ldaps access',
-        rule        => '&SERVICE(tcp, 636)'
-      }
-    }
     default: {}
   }
 
@@ -70,41 +53,6 @@ class ferm::per_host {
     default: {}
   }
 
-  # postgres stuff
-  case $::hostname {
-    bmdb1: {
-      ferm::rule { 'dsa-postgres-main':
-        description => 'Allow postgress access to cluster: main',
-        domain      => '(ip ip6)',
-        rule        => @("EOF"/$)
-          &SERVICE_RANGE(tcp, 5435, (
-            ${ join(getfromhash($deprecated::allnodeinfo, 'petrova.debian.org', 'ipHostNumber'), " ") }
-            ${ join(getfromhash($deprecated::allnodeinfo, 'ullmann.debian.org', 'ipHostNumber'), " ") }
-            ${ join(getfromhash($deprecated::allnodeinfo, 'wuiet.debian.org', 'ipHostNumber'), " ") }
-            ${ join(getfromhash($deprecated::allnodeinfo, 'quantz.debian.org', 'ipHostNumber'), " ") }
-            ${ join(getfromhash($deprecated::allnodeinfo, 'respighi.debian.org', 'ipHostNumber'), " ") }
-            ${ join(getfromhash($deprecated::allnodeinfo, 'tate.debian.org', 'ipHostNumber'), " ") }
-          ))
-          | EOF
-      }
-      ferm::rule { 'dsa-postgres-dak':
-        description => 'Allow postgress access to cluster: dak',
-        domain      => '(ip ip6)',
-        rule        => @("EOF"/$)
-          &SERVICE_RANGE(tcp, 5434, (
-            ${ join(getfromhash($deprecated::allnodeinfo, 'coccia.debian.org', 'ipHostNumber'), " ") }
-            ${ join(getfromhash($deprecated::allnodeinfo, 'quantz.debian.org', 'ipHostNumber'), " ") }
-            ${ join(getfromhash($deprecated::allnodeinfo, 'nono.debian.org', 'ipHostNumber'), " ") }
-            ${ join(getfromhash($deprecated::allnodeinfo, 'wuiet.debian.org', 'ipHostNumber'), " ") }
-            ${ join(getfromhash($deprecated::allnodeinfo, 'respighi.debian.org', 'ipHostNumber'), " ") }
-            ${ join(getfromhash($deprecated::allnodeinfo, 'usper.debian.org', 'ipHostNumber'), " ") }
-            ${ join(getfromhash($deprecated::allnodeinfo, 'ullmann.debian.org', 'ipHostNumber'), " ") }
-          ))
-          | EOF
-      }
-    }
-    default: {}
-  }
   # vpn fu
   case $::hostname {
     draghi: {