summary |
shortlog |
log |
commit | commitdiff |
tree
raw |
patch |
inline | side by side (from parent 1:
1edc286)
For now we fall back to and continue to use hostnames, but we should
switch this to something more sane longterm.
out = []
restricted_purposes = ['kvm host', 'ganeti/kvm host', 'central syslog server', 'puppet master', 'jumphost', 'buildd', 'static-mirror', 'anycast mirror']
out = []
restricted_purposes = ['kvm host', 'ganeti/kvm host', 'central syslog server', 'puppet master', 'jumphost', 'buildd', 'static-mirror', 'anycast mirror']
-restrict_ssh = %w{tchaikovsky draghi adayevskaya static-master-grnet-01 static-master-ubc-01}
+restrict_ssh = %w{tchaikovsky draghi adayevskaya static-master-grnet-01 static-master-ubc-01 geo1 geo2 geo3 denis}
if (nodeinfo['ldap'].has_key?('purpose')) then
nodeinfo['ldap']['purpose'].each do |purp|
if (nodeinfo['ldap'].has_key?('purpose')) then
nodeinfo['ldap']['purpose'].each do |purp|
ssh6allowed = []
should_restrict = restrict_ssh.include?(@hostname)
ssh6allowed = []
should_restrict = restrict_ssh.include?(@hostname)
-%w{dns_primary dns_geo}.each do |role_restrict|
- if scope.function_has_role([role_restrict]) then
- should_restrict = true
- end
-end