From f7adabc11f4b86313d541b2007570cf3e475320b Mon Sep 17 00:00:00 2001
From: Peter Palfrader <peter@palfrader.org>
Date: Fri, 13 Sep 2019 13:22:47 +0200
Subject: [PATCH 1/1] re-enable puppet access

---
 modules/puppetmaster/manifests/init.pp | 14 +++++---------
 1 file changed, 5 insertions(+), 9 deletions(-)

diff --git a/modules/puppetmaster/manifests/init.pp b/modules/puppetmaster/manifests/init.pp
index 28120f4bf..72eae64e4 100644
--- a/modules/puppetmaster/manifests/init.pp
+++ b/modules/puppetmaster/manifests/init.pp
@@ -10,15 +10,11 @@ class puppetmaster {
 		source => 'puppet:///modules/puppetmaster/puppetdb.conf'
 	}
 
-	#ferm::rule { 'dsa-puppet':
-	#	description     => 'Allow puppet access',
-	#	rule            => '&SERVICE_RANGE(tcp, 8140, $HOST_DEBIAN_V4)'
-	#}
-	#ferm::rule { 'dsa-puppet-v6':
-	#	domain          => 'ip6',
-	#	description     => 'Allow puppet access',
-	#	rule            => '&SERVICE_RANGE(tcp, 8140, $HOST_DEBIAN_V6)'
-	#}
+	ferm::rule { 'dsa-puppet':
+		description     => 'Allow puppet access',
+		domain          => '(ip ip6)',
+		rule            => '&SERVICE_RANGE(tcp, 8140, $HOST_DEBIAN)',
+	}
 
 	file { '/srv/puppet.debian.org/puppet-facts':
 		ensure => directory
-- 
2.20.1