From: Stephen Gran <steve@lobefin.net>
Date: Sun, 25 Aug 2013 21:47:45 +0000 (+0100)
Subject: add cluster rules
X-Git-Url: https://git.adam-barratt.org.uk/?a=commitdiff_plain;h=88395362f4990b19bb098d0d4a487e77844b51fc;p=mirror%2Fdsa-puppet.git

add cluster rules

Signed-off-by: Stephen Gran <steve@lobefin.net>
---

diff --git a/modules/roles/manifests/pubsub.pp b/modules/roles/manifests/pubsub.pp
index a43423efe..e5740326e 100644
--- a/modules/roles/manifests/pubsub.pp
+++ b/modules/roles/manifests/pubsub.pp
@@ -57,4 +57,16 @@ class roles::pubsub {
 		description => 'rabbitmq connections',
 		rule        => '&SERVICE_RANGE(tcp, 5672, $HOST_DEBIAN_V6)'
 	}
+
+	if $::hostname == $cc_master {
+		$you = $cc_secondary
+	} else {
+		$you = $cc_master
+	}
+
+	@ferm::rule { 'rabbitmq_cluster':
+		domain      => '(ip,ip6)',
+		description => 'rabbitmq cluster connections',
+		rule        => "proto tcp mod state state (NEW) saddr (${you}) ACCEPT"
+	}
 }