X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Froles%2Fmanifests%2Fbgp.pp;fp=modules%2Froles%2Fmanifests%2Fbgp.pp;h=d3fbb390b5893007f697a27ec1fcdb1ed0ff1e5f;hb=d551cf8d994dbfe75b4406e512796544881ac714;hp=0000000000000000000000000000000000000000;hpb=6249c24fa02ba796016ca267c252cb68016a5c13;p=mirror%2Fdsa-puppet.git

diff --git a/modules/roles/manifests/bgp.pp b/modules/roles/manifests/bgp.pp
new file mode 100644
index 000000000..d3fbb390b
--- /dev/null
+++ b/modules/roles/manifests/bgp.pp
@@ -0,0 +1,16 @@
+class roles::bgp {
+	$bgp_peers = $::hostname ? {
+		bilbao    => '2001:41c9:2:13c::/128 89.16.162.0/32',
+		default    => undef,
+	}
+
+	if ! $bgp_peers {
+		fail("Do not have bgp_peers set for $::hostname.")
+	}
+
+	@ferm::rule { 'dsa-bgp':
+		description => 'Allow BGP from peers',
+		domain      => '(ip ip6)',
+		rule        => '&SERVICE_RANGE(tcp, ssh, $bgp_peers)'
+	}
+}