X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fferm%2Fmanifests%2Fper_host.pp;h=f107efb1eb64bbd540679a9405d53a6f11349835;hb=6c59aa2b3c9ef62c77747b262c32f8122a0f5cfe;hp=33b5f81de6292ef1b2b36e776cc756232b53d032;hpb=6db9d6a8427e38dc02e9fc32fe83fb499b20f368;p=mirror%2Fdsa-puppet.git diff --git a/modules/ferm/manifests/per_host.pp b/modules/ferm/manifests/per_host.pp index 33b5f81de..f107efb1e 100644 --- a/modules/ferm/manifests/per_host.pp +++ b/modules/ferm/manifests/per_host.pp @@ -8,12 +8,6 @@ class ferm::per_host { } case $::hostname { - vittoria: { - @ferm::rule { 'debconf17': - description => 'temporarily allow DC17 access', - rule => '&SERVICE_RANTE(tcp, 5432, (206.167.36.195/32))' - } - } czerny,clementi: { @ferm::rule { 'dsa-upsmon': description => 'Allow upsmon access', @@ -44,6 +38,10 @@ class ferm::per_host { description => 'Allow syslog access', rule => '&SERVICE_RANGE(tcp, 5140, $HOST_DEBIAN_V6)' } + @ferm::rule { 'fastly-syslog': + description => 'Allow syslog access', + rule => '&SERVICE_RANGE(tcp, 5141, $HOST_FASTLY)' + } } kaufmann: { @ferm::rule { 'dsa-hkp': @@ -152,22 +150,6 @@ class ferm::per_host { default: {} } - # elasticsearch stuff - case $::hostname { - stockhausen: { - @ferm::rule { 'dsa-elasticsearch-bendel': - domain => '(ip)', - description => 'Allow elasticsearch access from bendel', - rule => '&SERVICE_RANGE(tcp, 9200:9300, ( 82.195.75.100/32 ))' - } - @ferm::rule { 'dsa-elasticsearch-bendel6': - domain => '(ip6)', - description => 'Allow elasticsearch access from bendel', - rule => '&SERVICE_RANGE(tcp, 9200:9300, ( 2001:41b8:202:deb:216:36ff:fe40:4002/128 ))' - } - } - } - # postgres stuff case $::hostname { ullmann: { @@ -351,7 +333,7 @@ class ferm::per_host { rule => '&SERVICE_RANGE(tcp, 5439, ( 2001:1af8:4020:b030::/64 ))' } } - melartin,vittoria: { + vittoria: { @ferm::rule { 'dsa-postgres-backup': description => 'Allow postgress access', rule => '&SERVICE_RANGE(tcp, 5432, ( $HOST_PGBACKUPHOST_V4 ))'