}
# allow access from director
- Ferm::Rule::Simple <<| tag == 'bacula::director-to-fd' |>> {
+ Ferm::Rule::Simple <<| tag == "bacula::director-to-fd::${bacula::bacula_director_address}" |>> {
port => $bacula::bacula_client_port,
}
} elsif $ensure == 'absent' {
Concat::Fragment <<| tag == $bacula::tag_bacula_dsa_client_list |>>
@@ferm::rule::simple { "bacula::director-to-fd::${::fqdn}":
- tag => 'bacula::director-to-fd',
+ tag => "bacula::director-to-fd::${::fqdn}",
description => 'Allow bacula-fd from the bacula-director',
port => '7', # overridden on collecting
saddr => $bacula::public_addresses,
}
@@ferm::rule::simple { "bacula::director-to-storage::${::fqdn}":
- tag => 'bacula::director-to-storage',
+ tag => "bacula::director-to-storage::${::fqdn}",
description => 'Allow bacula-storage access from the bacula-director',
port => '7', # overridden on collecting
saddr => $bacula::public_addresses,
notarule => true,
}
# allow access from director
- Ferm::Rule::Simple <<| tag == 'bacula::director-to-storage' |>> {
+ Ferm::Rule::Simple <<| tag == "bacula::director-to-storage::${bacula::bacula_director_address}" |>> {
port => $bacula::bacula_storage_port,
}
projects / mirror / dsa-puppet.git / commitdiff