danzi: merge dsa-postgres-danzi and dsa-postgres-danzi6

author Aurelien Jarno <aurelien@aurel32.net>

Sun, 22 Sep 2019 18:59:47 +0000 (20:59 +0200)

committer Aurelien Jarno <aurelien@aurel32.net>

Sun, 22 Sep 2019 19:01:44 +0000 (21:01 +0200)
author Aurelien Jarno <aurelien@aurel32.net>
Sun, 22 Sep 2019 18:59:47 +0000 (20:59 +0200)
committer Aurelien Jarno <aurelien@aurel32.net>
Sun, 22 Sep 2019 19:01:44 +0000 (21:01 +0200)
diff --git a/modules/ferm/manifests/per_host.pp b/modules/ferm/manifests/per_host.pp

index 140ac7e..92eaa7f 100644 (file)
--- a/modules/ferm/manifests/per_host.pp
+++ b/modules/ferm/manifests/per_host.pp
@@ -188,17 +188,12 @@ class ferm::per_host {
            ))
            | EOF
        }
-      ferm::rule { 'dsa-postgres-danzi':
+      ferm::rule { 'dsa-postgres-main':
          # ubc, wuiet
-        description => 'Allow postgress access',
-        rule        => '&SERVICE_RANGE(tcp, 5433, ( 206.12.19.0/24 209.87.16.0/24 5.153.231.18/32 ))'
-      }
-      ferm::rule { 'dsa-postgres-danzi6':
-        domain      => 'ip6',
-        description => 'Allow postgress access',
-        rule        => '&SERVICE_RANGE(tcp, 5433, ( 2607:f8f0:610:4000::/64 2607:f8f0:614:1::/64 2001:41c8:1000:21::21:18/128 ))'
+        description => 'Allow postgress access to cluster: main',
+        domain      => '(ip ip6)',
+        rule        => '&SERVICE_RANGE(tcp, 5433, ( 209.87.16.0/24 2607:f8f0:614:1::/64 ))'
        }
-
        ferm::rule { 'dsa-postgres2-danzi':
          description => 'Allow postgress access2',
          rule        => '&SERVICE_RANGE(tcp, 5434, ( 209.87.16.0/24 ))'
author	Aurelien Jarno <aurelien@aurel32.net>
	Sun, 22 Sep 2019 18:59:47 +0000 (20:59 +0200)
committer	Aurelien Jarno <aurelien@aurel32.net>
	Sun, 22 Sep 2019 19:01:44 +0000 (21:01 +0200)