key => true,
tlsaport => [443, 1873],
}
+
+ # export ssh allow rules for hosts that we should be able to access
+ @@ferm::rule::simple { "dsa-ssh-from-syncproxy-${::fqdn}":
+ tag => 'ssh::server::allow::ftp-master',
+ description => 'Allow ssh access from ftp-master',
+ port => '22',
+ saddr => $base::public_addresses,
+ }
}
chown_user => mini-dak-unpriv,
root => '/srv/ports-master.debian.org/ftp.upload',
}
+
+ # export ssh allow rules for hosts that we should be able to access
+ @@ferm::rule::simple { "dsa-ssh-from-syncproxy-${::fqdn}":
+ tag => 'ssh::server::allow::ports-master',
+ description => 'Allow ssh access from ports-master',
+ port => '22',
+ saddr => $base::public_addresses,
+ }
}
max_clients => 50,
sslname => 'security-master.debian.org',
}
+
+ # export ssh allow rules for hosts that we should be able to access
+ @@ferm::rule::simple { "dsa-ssh-from-syncproxy-${::fqdn}":
+ tag => 'ssh::server::allow::security-master',
+ description => 'Allow ssh access from security-master',
+ port => '22',
+ saddr => $base::public_addresses,
+ }
}
projects / mirror / dsa-puppet.git / commitdiff