X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Froles%2Fmanifests%2Fstatic_base.pp;h=216c9bf9b57bc40fdb07b10294b15e5b1ef28756;hb=81d30ab85281bca85a4b6d91723ac0a1a0157fa6;hp=cd580cdb67d344f86634fd314aa61b9020249848;hpb=bf3691ae1a76a07158faf2acc34f68a59874ff9c;p=mirror%2Fdsa-puppet.git

diff --git a/modules/roles/manifests/static_base.pp b/modules/roles/manifests/static_base.pp
index cd580cdb6..216c9bf9b 100644
--- a/modules/roles/manifests/static_base.pp
+++ b/modules/roles/manifests/static_base.pp
@@ -11,7 +11,7 @@ class roles::static_base {
 	}
 
 	file { '/etc/ssh/userkeys/staticsync':
-		content => template('roles/static-mirroring/static-authorized_keys.erb'),
+		content => template('roles/static-mirroring/staticsync-authorized_keys.erb'),
 	}
 
 	file { '/usr/local/bin/staticsync-ssh-wrap':
@@ -20,4 +20,16 @@ class roles::static_base {
 	}
 	file { '/usr/local/bin/static-mirror-ssh-wrap': ensure => absent; }
 	file { '/usr/local/bin/static-master-ssh-wrap': ensure => absent; }
+
+	@ferm::rule { 'dsa-static-bt-v4':
+		description => 'Allow bt between static hosts',
+		rule        => 'proto tcp mod state state (NEW) mod multiport destination-ports (6881:6999) @subchain \'static-bt\' { saddr ($HOST_STATIC_V4) ACCEPT; }',
+		notarule    => true,
+	}
+	@ferm::rule { 'dsa-static-bt-v6':
+		description => 'Allow bt between static hosts',
+		domain      => 'ip6',
+		rule        => 'proto tcp mod state state (NEW) mod multiport destination-ports (6881:6999) @subchain \'static-bt\' { saddr ($HOST_STATIC_V6) ACCEPT; }',
+		notarule    => true,
+	}
 }