lw07 no longer runs a snapshot pg db

author Peter Palfrader <peter@palfrader.org>

Sat, 28 Sep 2019 19:39:58 +0000 (21:39 +0200)

committer Peter Palfrader <peter@palfrader.org>

Sat, 28 Sep 2019 19:40:05 +0000 (21:40 +0200)
author Peter Palfrader <peter@palfrader.org>
Sat, 28 Sep 2019 19:39:58 +0000 (21:39 +0200)
committer Peter Palfrader <peter@palfrader.org>
Sat, 28 Sep 2019 19:40:05 +0000 (21:40 +0200)
diff --git a/data/common.yaml b/data/common.yaml

index e1cc332..d750bc0 100644 (file)
--- a/data/common.yaml
+++ b/data/common.yaml
@@ -77,7 +77,6 @@ roles:
      # these use pg-receive-file-from-backup which is defined in the
      # postgres::backup_source class.  This should be
      # cleaned up and handled properly, including the ssh auth keys setup
-    - lw07.debian.org
      - snapshotdb-manda-01.debian.org
  
  classes:
diff --git a/modules/ferm/manifests/per_host.pp b/modules/ferm/manifests/per_host.pp

index 7a15b86..ed16764 100644 (file)
--- a/modules/ferm/manifests/per_host.pp
+++ b/modules/ferm/manifests/per_host.pp
@@ -213,23 +213,11 @@ class ferm::per_host {
          domain      => '(ip ip6)',
          rule        => @("EOF"/$)
            &SERVICE_RANGE(tcp, 5473, (
-            ${ join(getfromhash($deprecated::allnodeinfo, 'lw07.debian.org', 'ipHostNumber'), " ") }
              ${ join(getfromhash($deprecated::allnodeinfo, 'snapshotdb-manda-01.debian.org', 'ipHostNumber'), " ") }
            ))
            | EOF
        }
      }
-    lw07: {
-      ferm::rule { 'dsa-postgres-snapshot':
-        description => 'Allow postgress access',
-        rule        => '&SERVICE_RANGE(tcp, 5439, ( 185.17.185.176/28 ))'
-      }
-      ferm::rule { 'dsa-postgres-snapshot6':
-        domain      => 'ip6',
-        description => 'Allow postgress access',
-        rule        => '&SERVICE_RANGE(tcp, 5439, ( 2001:1af8:4020:b030::/64 ))'
-      }
-    }
      snapshotdb-manda-01: {
        ferm::rule { 'dsa-postgres-snapshot':
          domain      => '(ip ip6)',
diff --git a/modules/postgres/templates/backup_server/sshkeys-manual.erb b/modules/postgres/templates/backup_server/sshkeys-manual.erb

index cd70d21..269a191 100644 (file)
--- a/modules/postgres/templates/backup_server/sshkeys-manual.erb
+++ b/modules/postgres/templates/backup_server/sshkeys-manual.erb
@@ -1,4 +1,3 @@
  # maintained manually in puppet
  # postgresql backups:
-command="/usr/local/bin/debbackup-ssh-wrap lw07 --read-allow=/srv/backups/pg/sallinen",restrict,from="185.17.185.187,2001:1af8:4020:b030:deb::187" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDiLZIqnyKrsfoT1sQdbuUsOoqW1t71Sv8hpJj9yLzrSFq/YCnho9G2Q/LJm4sMB4W64uQMUX6oLsqsgIBbOZw71CBRou41zwS/D+7+sjiPy1aVXp+L+fAXqLdemCUYqXAm0bGTLboGmlDSG3/r3v3B2+vqwAoHaC/GwuoNgvHq+sfxZPo/9cDRlTyE0ktyxwdUN+czxyLtDPqz3CucOHX03p8F3lNEwFUCGIVAkP4zxZsiEjD+eCbWam0bVFoWnfXYcmf2GYKEy2PQp0ksXmbsnRIblW5zoKdEXeDjwSStFHtjqkJw2TdPLUGSXljCgy9OCXYVMUrFnXw2Ak88KYpV postgres@lw07 (20140713)
  command="/usr/local/bin/debbackup-ssh-wrap snapshotdb-manda-01 --read-allow=/srv/backups/pg/sallinen",restrict,from="82.195.75.73,2001:41b8:202:deb::311:73" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC53Sx/qzFL+GNrT01fP9tXpd9CjaOZuhLVHIOpoDQM5Nrr4DgbWA3vTghHpdpRHt18EmzWEmclTk3qej/vN6vBIG4cMc8EfpvEvXOLW2qQzMMrx5UeergUX76ie41B8yOCd9lf6H3G+rLqfBR6xEws39WgwTBRT86mKpolYDCJHX1Q8i85eJ/mw9FjHUENZYSxO4k5KBas2/G03+e+/J4TvgjyGbqCxc1RvmiMLE+cnfmeaprZuUbKkL0Df/mV2osuKStfG9ise/qtL0Kv318bsnYvXPDMdFWtFsR1lX2MpHfCFYWJd4bHtNOGSlixYbHcFlNFlSDessfLgpoKwWi3 postgres@snapshotdb-manda-01 (2019-05-23)
author	Peter Palfrader <peter@palfrader.org>
	Sat, 28 Sep 2019 19:39:58 +0000 (21:39 +0200)
committer	Peter Palfrader <peter@palfrader.org>
	Sat, 28 Sep 2019 19:40:05 +0000 (21:40 +0200)
data/common.yaml		patch \| blob \| history
modules/ferm/manifests/per_host.pp		patch \| blob \| history
modules/postgres/templates/backup_server/sshkeys-manual.erb		patch \| blob \| history