From e6e108c7f741245f4a180f564d4dbc97780f50a0 Mon Sep 17 00:00:00 2001
From: Aurelien Jarno <aurelien@aurel32.net>
Date: Sun, 22 Sep 2019 20:48:01 +0200
Subject: [PATCH] Allow access to the tracker db @ danzi from ticharich

---
 modules/ferm/manifests/per_host.pp | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/modules/ferm/manifests/per_host.pp b/modules/ferm/manifests/per_host.pp
index c27082586..140ac7e35 100644
--- a/modules/ferm/manifests/per_host.pp
+++ b/modules/ferm/manifests/per_host.pp
@@ -178,6 +178,16 @@ class ferm::per_host {
       }
     }
     danzi: {
+      ferm::rule { 'dsa-postgres-tracker':
+        description => 'Allow postgress access to cluster: tracker',
+        domain      => '(ip ip6)',
+        rule        => @("EOF"/$)
+          &SERVICE_RANGE(tcp, 5432, (
+            ${ join(getfromhash($deprecated::allnodeinfo, 'ticharich.debian.org', 'ipHostNumber'), " ") }
+            \$HOST_PGBACKUPHOST
+          ))
+          | EOF
+      }
       ferm::rule { 'dsa-postgres-danzi':
         # ubc, wuiet
         description => 'Allow postgress access',
-- 
2.20.1