default: {}
}
- # postgres stuff
- case $::hostname {
- bmdb1: {
- ferm::rule { 'dsa-postgres-dak':
- description => 'Allow postgress access to cluster: dak',
- domain => '(ip ip6)',
- rule => @("EOF"/$)
- &SERVICE_RANGE(tcp, 5434, (
- ${ join(getfromhash($deprecated::allnodeinfo, 'coccia.debian.org', 'ipHostNumber'), " ") }
- ${ join(getfromhash($deprecated::allnodeinfo, 'quantz.debian.org', 'ipHostNumber'), " ") }
- ${ join(getfromhash($deprecated::allnodeinfo, 'nono.debian.org', 'ipHostNumber'), " ") }
- ${ join(getfromhash($deprecated::allnodeinfo, 'wuiet.debian.org', 'ipHostNumber'), " ") }
- ${ join(getfromhash($deprecated::allnodeinfo, 'respighi.debian.org', 'ipHostNumber'), " ") }
- ${ join(getfromhash($deprecated::allnodeinfo, 'usper.debian.org', 'ipHostNumber'), " ") }
- ${ join(getfromhash($deprecated::allnodeinfo, 'ullmann.debian.org', 'ipHostNumber'), " ") }
- ))
- | EOF
- }
- }
- default: {}
- }
# vpn fu
case $::hostname {
draghi: {