pubsub: do not hardcode IPs

author Aurelien Jarno <aurelien@aurel32.net>

Fri, 27 Sep 2019 22:57:34 +0000 (00:57 +0200)

committer Aurelien Jarno <aurelien@aurel32.net>

Fri, 27 Sep 2019 22:57:34 +0000 (00:57 +0200)
author Aurelien Jarno <aurelien@aurel32.net>
Fri, 27 Sep 2019 22:57:34 +0000 (00:57 +0200)
committer Aurelien Jarno <aurelien@aurel32.net>
Fri, 27 Sep 2019 22:57:34 +0000 (00:57 +0200)
diff --git a/modules/roles/manifests/pubsub.pp b/modules/roles/manifests/pubsub.pp

index d165fcc..324bac6 100644 (file)
--- a/modules/roles/manifests/pubsub.pp
+++ b/modules/roles/manifests/pubsub.pp
@@ -36,21 +36,14 @@ class roles::pubsub {
         }
  
         if $::hostname == $cc_master {
-               $you  = '82.195.75.95'
-               $you6 = '2001:41b8:202:deb::311:95'
+               $other = join(getfromhash($deprecated::allnodeinfo, "${cc_secondary}.debian.org", 'ipHostNumber'), " ")
         } else {
-               $you  = '82.195.75.94'
-               $you6 = '2001:41b8:202:deb::311:94'
+               $other = join(getfromhash($deprecated::allnodeinfo, "${cc_master}.debian.org", 'ipHostNumber'), " ")
         }
  
         ferm::rule { 'rabbitmq_cluster':
-               domain      => 'ip',
-               description => 'rabbitmq cluster connections',
-               rule        => "proto tcp mod state state (NEW) saddr (${you}) ACCEPT"
-       }
-       ferm::rule { 'rabbitmq_cluster_v6':
-               domain      => 'ip6',
+               domain      => '(ip ip6)',
                 description => 'rabbitmq cluster connections',
-               rule        => "proto tcp mod state state (NEW) saddr (${you6}) ACCEPT"
+               rule        => "proto tcp mod state state (NEW) saddr (${other}) ACCEPT"
         }
  }
author	Aurelien Jarno <aurelien@aurel32.net>
	Fri, 27 Sep 2019 22:57:34 +0000 (00:57 +0200)
committer	Aurelien Jarno <aurelien@aurel32.net>
	Fri, 27 Sep 2019 22:57:34 +0000 (00:57 +0200)