X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Froles%2Fmanifests%2Fbgp.pp;h=ee41df5af7dac3e42bfba9317d1cfe9000d9f61e;hb=33a685862291e6f3c0c7f9df702b930430bbe419;hp=61409d9c07bfb92ff25c52dd76e28bae4b79db21;hpb=4612e4d0e37493f79becfa45caf9adcd657ed7ca;p=mirror%2Fdsa-puppet.git

diff --git a/modules/roles/manifests/bgp.pp b/modules/roles/manifests/bgp.pp
index 61409d9c0..ee41df5af 100644
--- a/modules/roles/manifests/bgp.pp
+++ b/modules/roles/manifests/bgp.pp
@@ -1,22 +1,13 @@
-class roles::bgp {
-	$bgp_peers = $::hostname ? {
-		bilbao        => '2001:41c9:2:13c::2/128 89.16.162.2/32',
-		mirror-conova => '2a02:16a8:5404:199::25/128 217.196.157.53/32',
-		default       => undef,
-	}
-
-	if ! $bgp_peers {
-		fail("Do not have bgp_peers set for $::hostname.")
-	}
-
-	@ferm::rule { 'dsa-bgp':
-		description => 'Allow BGP from peers',
-		domain      => '(ip ip6)',
-		rule        => "&SERVICE_RANGE(tcp, bgp, ($bgp_peers))"
-	}
-
-	file { '/etc/network/interfaces.d/anycasted':
-		content => template('roles/anycast/interfaces.erb')
-	}
-
+class roles::bgp(
+  Array[Stdlib::IP::Address] $peers,
+){
+  ferm::rule::simple { 'dsa-bgp':
+    description => 'Allow BGP from peers',
+    port        => 'bgp',
+    saddr       => $peers,
+  }
+
+  file { '/etc/network/interfaces.d/anycasted':
+    content => template('roles/anycast/interfaces.erb')
+  }
 }