From 99fa46a2feeba92ea2abdc6c4dfba2a0e195526e Mon Sep 17 00:00:00 2001
From: Peter Palfrader <peter@palfrader.org>
Date: Fri, 19 Jul 2019 13:01:39 +0200
Subject: [PATCH] move pg rule from veyepar to sreview

---
 modules/roles/manifests/sreview.pp | 14 ++++++++++++++
 modules/roles/manifests/veyepar.pp | 13 -------------
 2 files changed, 14 insertions(+), 13 deletions(-)

diff --git a/modules/roles/manifests/sreview.pp b/modules/roles/manifests/sreview.pp
index 30cc47d48..c9e4fec9f 100644
--- a/modules/roles/manifests/sreview.pp
+++ b/modules/roles/manifests/sreview.pp
@@ -1,3 +1,17 @@
 class roles::sreview {
 	ssl::service { 'sreview.debian.net': notify  => Exec['service apache2 reload'], key => true, }
+
+	$now = Timestamp()
+	$date = $now.strftime('%F')
+
+	if versioncmp($date, '2019-08-15') <= 0 {
+		@ferm::rule { 'temporary-dc19-access':
+			description     => 'temporarily allow DC19 access, cf. RT#7845',
+			rule            => '&SERVICE_RANGE(tcp, 5432, ( 200.134.17.48/28 ))',
+		}
+	} else {
+		# also clean up pg_hba on vittoria
+		notify {"Temporary DC19 ferm rule expired, cf. RT#7845":
+			loglevel => warning, }
+	}
 }
diff --git a/modules/roles/manifests/veyepar.pp b/modules/roles/manifests/veyepar.pp
index 4f8aa2198..a60247551 100644
--- a/modules/roles/manifests/veyepar.pp
+++ b/modules/roles/manifests/veyepar.pp
@@ -1,16 +1,3 @@
 class roles::veyepar {
 	ssl::service { 'veyepar.debian.org': notify  => Exec['service apache2 reload'], key => true, }
-
-	$now = Timestamp()
-	$date = $now.strftime('%F')
-
-	if versioncmp($date, '2019-08-15') <= 0 {
-		@ferm::rule { 'temporary-dc19-access':
-			description     => 'temporarily allow DC19 access, cf. RT#7845',
-			rule            => '&SERVICE_RANGE(tcp, 5432, ( 200.134.17.48/28 ))',
-		}
-	} else {
-		notify {"Temporary DC19 ferm rule expired, cf. RT#7845":
-			loglevel => warning, }
-	}
 }
-- 
2.20.1