Allow access to the tracker db @ danzi from ticharich

diff --git a/modules/ferm/manifests/per_host.pp b/modules/ferm/manifests/per_host.pp
index c270825..140ac7e 100644 (file)
--- a/modules/ferm/manifests/per_host.pp
+++ b/modules/ferm/manifests/per_host.pp
@@ -178,6 +178,16 @@ class ferm::per_host {
       }
     }
     danzi: {
+      ferm::rule { 'dsa-postgres-tracker':
+        description => 'Allow postgress access to cluster: tracker',
+        domain      => '(ip ip6)',
+        rule        => @("EOF"/$)
+          &SERVICE_RANGE(tcp, 5432, (
+            ${ join(getfromhash($deprecated::allnodeinfo, 'ticharich.debian.org', 'ipHostNumber'), " ") }
+            \$HOST_PGBACKUPHOST
+          ))
+          | EOF
+      }
       ferm::rule { 'dsa-postgres-danzi':
         # ubc, wuiet
         description => 'Allow postgress access',