X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fferm%2Fmanifests%2Fper_host.pp;h=d139e87d29af023713e7bbe44067e1e71403a56e;hb=9a69220cc9cf9388a8336e0c4fd65489e8933367;hp=2da64cd5fd305d33a564eda3b37635dba09ce6a5;hpb=cb53f131bbc26a0fcec43d65cbcb06a4f341a965;p=mirror%2Fdsa-puppet.git diff --git a/modules/ferm/manifests/per_host.pp b/modules/ferm/manifests/per_host.pp index 2da64cd5f..d139e87d2 100644 --- a/modules/ferm/manifests/per_host.pp +++ b/modules/ferm/manifests/per_host.pp @@ -151,18 +151,6 @@ class ferm::per_host { )) | EOF } - ferm::rule { 'dsa-postgres-wannabuild': - description => 'Allow postgress access to cluster: wannabuild', - domain => '(ip ip6)', - rule => @("EOF"/$) - &SERVICE_RANGE(tcp, 5436, ( - ${ join(getfromhash($deprecated::allnodeinfo, 'respighi.debian.org', 'ipHostNumber'), " ") } - ${ join(getfromhash($deprecated::allnodeinfo, 'wuiet.debian.org', 'ipHostNumber'), " ") } - ${ join(getfromhash($deprecated::allnodeinfo, 'ullmann.debian.org', 'ipHostNumber'), " ") } - \$HOST_PGBACKUPHOST - )) - | EOF - } ferm::rule { 'dsa-postgres-bacula': description => 'Allow postgress access to cluster: bacula', domain => '(ip ip6)', @@ -215,6 +203,18 @@ class ferm::per_host { description => 'Allow postgress access2', rule => '&SERVICE_RANGE(tcp, 5434, ( 2607:f8f0:614:1::/64 ))' } + ferm::rule { 'dsa-postgres-wannabuild': + description => 'Allow postgress access to cluster: wannabuild', + domain => '(ip ip6)', + rule => @("EOF"/$) + &SERVICE_RANGE(tcp, 5436, ( + ${ join(getfromhash($deprecated::allnodeinfo, 'respighi.debian.org', 'ipHostNumber'), " ") } + ${ join(getfromhash($deprecated::allnodeinfo, 'wuiet.debian.org', 'ipHostNumber'), " ") } + ${ join(getfromhash($deprecated::allnodeinfo, 'ullmann.debian.org', 'ipHostNumber'), " ") } + \$HOST_PGBACKUPHOST + )) + | EOF + } } seger: { ferm::rule { 'dsa-postgres-backup':