From e6e108c7f741245f4a180f564d4dbc97780f50a0 Mon Sep 17 00:00:00 2001 From: Aurelien Jarno Date: Sun, 22 Sep 2019 20:48:01 +0200 Subject: [PATCH] Allow access to the tracker db @ danzi from ticharich --- modules/ferm/manifests/per_host.pp | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/modules/ferm/manifests/per_host.pp b/modules/ferm/manifests/per_host.pp index c27082586..140ac7e35 100644 --- a/modules/ferm/manifests/per_host.pp +++ b/modules/ferm/manifests/per_host.pp @@ -178,6 +178,16 @@ class ferm::per_host { } } danzi: { + ferm::rule { 'dsa-postgres-tracker': + description => 'Allow postgress access to cluster: tracker', + domain => '(ip ip6)', + rule => @("EOF"/$) + &SERVICE_RANGE(tcp, 5432, ( + ${ join(getfromhash($deprecated::allnodeinfo, 'ticharich.debian.org', 'ipHostNumber'), " ") } + \$HOST_PGBACKUPHOST + )) + | EOF + } ferm::rule { 'dsa-postgres-danzi': # ubc, wuiet description => 'Allow postgress access', -- 2.20.1