move syslog ferm into syslog role
authorPeter Palfrader <peter@palfrader.org>
Thu, 22 Aug 2019 08:47:51 +0000 (10:47 +0200)
committerPeter Palfrader <peter@palfrader.org>
Thu, 22 Aug 2019 08:47:51 +0000 (10:47 +0200)
modules/ferm/manifests/per_host.pp
modules/roles/manifests/init.pp
modules/roles/manifests/loghost.pp [new file with mode: 0644]

index 7e650f8..19d20aa 100644 (file)
@@ -14,21 +14,6 @@ class ferm::per_host {
                                rule            => '&SERVICE_RANGE(tcp, 3493, ( 82.195.75.64/26 192.168.43.0/24 ))'
                        }
                }
-               lotti,loghost-grnet-01,loghost-osuosl-01: {
-                       @ferm::rule { 'dsa-syslog':
-                               description     => 'Allow syslog access',
-                               rule            => '&SERVICE_RANGE(tcp, 5140, $HOST_DEBIAN_V4)'
-                       }
-                       @ferm::rule { 'dsa-syslog-v6':
-                               domain          => 'ip6',
-                               description     => 'Allow syslog access',
-                               rule            => '&SERVICE_RANGE(tcp, 5140, $HOST_DEBIAN_V6)'
-                       }
-                       @ferm::rule { 'fastly-syslog':
-                               description     => 'Allow syslog access',
-                               rule            => '&SERVICE_RANGE(tcp, 5141, $HOST_FASTLY)'
-                       }
-               }
                kaufmann: {
                        @ferm::rule { 'dsa-hkp':
                                domain          => '(ip ip6)',
index 1837f94..13ac016 100644 (file)
@@ -396,6 +396,6 @@ class roles {
        }
 
        if has_role('loghost') {
-               include syslog_ng::loghost
+               include roles::loghost
        }
 }
diff --git a/modules/roles/manifests/loghost.pp b/modules/roles/manifests/loghost.pp
new file mode 100644 (file)
index 0000000..fb44c1e
--- /dev/null
@@ -0,0 +1,13 @@
+class roles::loghost {
+       include syslog_ng::loghost
+
+       ferm::rule { 'dsa-syslog':
+               domain          => '(ip ip6)',
+               description     => 'Allow syslog access',
+               rule            => '&SERVICE_RANGE(tcp, 5140, $HOST_DEBIAN)'
+       }
+       ferm::rule { 'fastly-syslog':
+               description     => 'Allow syslog access',
+               rule            => '&SERVICE_RANGE(tcp, 5141, $HOST_FASTLY)'
+       }
+}
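Review bot: The `dsa-syslog` rule in the new `roles::loghost` class replaces the two family-specific source sets of the removed rules (`$HOST_DEBIAN_V4`, `$HOST_DEBIAN_V6`) with a single `$HOST_DEBIAN` under `domain => '(ip ip6)'`, and nothing in this diff shows how that variable is defined or how `&SERVICE_RANGE` handles a mixed-family list. That source list is the only access control visible here for tcp/5140, so it is worth confirming that `$HOST_DEBIAN` expands to exactly the union of the two old variables and that each family's ruleset receives only its own addresses. A comment above the rule such as `# $HOST_DEBIAN = $HOST_DEBIAN_V4 + $HOST_DEBIAN_V6; SERVICE_RANGE filters per address family` would record that assumption. The rules are also now declared as plain `ferm::rule` where the removed ones were virtual (`@ferm::rule`), so they no longer depend on being collected elsewhere; if that is intended, a one-line class header saying so would help. `fastly-syslog` still sets no `domain`, so it presumably remains IPv4-only as before.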