projects
/
mirror
/
dsa-puppet.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
dd1abc5
)
pubsub: do not hardcode IPs
author
Aurelien Jarno
<aurelien@aurel32.net>
Fri, 27 Sep 2019 22:57:34 +0000
(
00:57
+0200)
committer
Aurelien Jarno
<aurelien@aurel32.net>
Fri, 27 Sep 2019 22:57:34 +0000
(
00:57
+0200)
modules/roles/manifests/pubsub.pp
patch
|
blob
|
history
diff --git
a/modules/roles/manifests/pubsub.pp
b/modules/roles/manifests/pubsub.pp
index
d165fcc
..
324bac6
100644
(file)
--- a/
modules/roles/manifests/pubsub.pp
+++ b/
modules/roles/manifests/pubsub.pp
@@
-36,21
+36,14
@@
class roles::pubsub {
}
if $::hostname == $cc_master {
}
if $::hostname == $cc_master {
- $you = '82.195.75.95'
- $you6 = '2001:41b8:202:deb::311:95'
+ $other = join(getfromhash($deprecated::allnodeinfo, "${cc_secondary}.debian.org", 'ipHostNumber'), " ")
} else {
} else {
- $you = '82.195.75.94'
- $you6 = '2001:41b8:202:deb::311:94'
+ $other = join(getfromhash($deprecated::allnodeinfo, "${cc_master}.debian.org", 'ipHostNumber'), " ")
}
ferm::rule { 'rabbitmq_cluster':
}
ferm::rule { 'rabbitmq_cluster':
- domain => 'ip',
- description => 'rabbitmq cluster connections',
- rule => "proto tcp mod state state (NEW) saddr (${you}) ACCEPT"
- }
- ferm::rule { 'rabbitmq_cluster_v6':
- domain => 'ip6',
+ domain => '(ip ip6)',
description => 'rabbitmq cluster connections',
description => 'rabbitmq cluster connections',
- rule => "proto tcp mod state state (NEW) saddr (${
you6
}) ACCEPT"
+ rule => "proto tcp mod state state (NEW) saddr (${
other
}) ACCEPT"
}
}
}
}