X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fpuppetmaster%2Fmanifests%2Finit.pp;h=f16e715bb63f30716548355174dae9813efd1bd5;hb=fcb420751dafbe3b3b86a4ea8e10a6dab6db8080;hp=ca91a0bb2ee995ec680096314ee1e77c7d0754ea;hpb=1317bdace90075351f45cfff10a76af03fe2198a;p=mirror%2Fdsa-puppet.git

diff --git a/modules/puppetmaster/manifests/init.pp b/modules/puppetmaster/manifests/init.pp
index ca91a0bb2..f16e715bb 100644
--- a/modules/puppetmaster/manifests/init.pp
+++ b/modules/puppetmaster/manifests/init.pp
@@ -1,5 +1,26 @@
 class puppetmaster {
+
+	package { 'puppetmaster':
+		ensure => installed,
+	}
 	file { '/etc/puppet/hiera.yaml':
 		source => 'puppet:///modules/puppetmaster/hiera.yaml'
 	}
+
+	@ferm::rule { 'dsa-puppet':
+		description     => 'Allow puppet access',
+		rule            => '&SERVICE_RANGE(tcp, 8140, $HOST_DEBIAN_V4)'
+	}
+	@ferm::rule { 'dsa-puppet-v6':
+		domain          => 'ip6',
+		description     => 'Allow puppet access',
+		rule            => '&SERVICE_RANGE(tcp, 8140, $HOST_DEBIAN_V6)'
+	}
+
+	file { '/srv/puppet.debian.org/puppet-facts':
+		ensure => directory
+	}
+	concat { '/srv/puppet.debian.org/puppet-facts/onionbalance-services.yaml':
+	}
+	Concat::Fragment <<| tag == "onionbalance-services.yaml" |>>
 }