X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fnfs-server%2Fmanifests%2Finit.pp;h=68ed1c4ab1efa73942fc87cebbf065460973ba5b;hb=43c810344fe16f9decdeffa3a0a46b47e6d472b5;hp=de4b9400117441747c371e3eb246f1f60a9862de;hpb=2de744ff634d0ed929b05346970c2ed9cc61353f;p=mirror%2Fdsa-puppet.git

diff --git a/modules/nfs-server/manifests/init.pp b/modules/nfs-server/manifests/init.pp
index de4b94001..68ed1c4ab 100644
--- a/modules/nfs-server/manifests/init.pp
+++ b/modules/nfs-server/manifests/init.pp
@@ -23,30 +23,35 @@ class nfs-server {
 		milanollo: {
 			$client_range    = '172.29.122.0/24'
 		}
+		beach,glinka: {
+			$client_range    = '192.168.2.0/24'
+		}
 		default: {
-			$client_range    = '0.0.0.0/0'
+			# Better than 0.0.0.0/0 - we really ought to configure a
+			# client range for them all instead of exporting to the world.
+			$client_range    = '127.0.0.0/8'
 		}
 	}
 
 	@ferm::rule { 'dsa-portmap':
 		description => 'Allow portmap access',
-		rule        => '&TCP_UDP_SERVICE_RANGE(111, $client_range)'
+		rule        => "&TCP_UDP_SERVICE_RANGE(111, $client_range)"
 	}
 	@ferm::rule { 'dsa-nfs':
 		description => 'Allow nfsd access',
-		rule        => '&TCP_UDP_SERVICE_RANGE(2049, $client_range)'
+		rule        => "&TCP_UDP_SERVICE_RANGE(2049, $client_range)"
 	}
 	@ferm::rule { 'dsa-status':
 		description => 'Allow statd access',
-		rule        => '&TCP_UDP_SERVICE_RANGE(10000, $client_range)'
+		rule        => "&TCP_UDP_SERVICE_RANGE(10000, $client_range)"
 	}
 	@ferm::rule { 'dsa-mountd':
 		description => 'Allow mountd access',
-		rule        => '&TCP_UDP_SERVICE_RANGE(10002, $client_range)'
+		rule        => "&TCP_UDP_SERVICE_RANGE(10002, $client_range)"
 	}
 	@ferm::rule { 'dsa-lockd':
 		description => 'Allow lockd access',
-		rule        => '&TCP_UDP_SERVICE_RANGE(10003, $client_range)'
+		rule        => "&TCP_UDP_SERVICE_RANGE(10003, $client_range)"
 	}
 
 	file { '/etc/default/nfs-common':