From: Aurelien Jarno <aurelien@aurel32.net>
Date: Sun, 22 Sep 2019 18:48:01 +0000 (+0200)
Subject: Allow access to the tracker db @ danzi from ticharich
X-Git-Url: https://git.adam-barratt.org.uk/?p=mirror%2Fdsa-puppet.git;a=commitdiff_plain;h=e6e108c7f741245f4a180f564d4dbc97780f50a0

Allow access to the tracker db @ danzi from ticharich
---

diff --git a/modules/ferm/manifests/per_host.pp b/modules/ferm/manifests/per_host.pp
index c27082586..140ac7e35 100644
--- a/modules/ferm/manifests/per_host.pp
+++ b/modules/ferm/manifests/per_host.pp
@@ -178,6 +178,16 @@ class ferm::per_host {
       }
     }
     danzi: {
+      ferm::rule { 'dsa-postgres-tracker':
+        description => 'Allow postgress access to cluster: tracker',
+        domain      => '(ip ip6)',
+        rule        => @("EOF"/$)
+          &SERVICE_RANGE(tcp, 5432, (
+            ${ join(getfromhash($deprecated::allnodeinfo, 'ticharich.debian.org', 'ipHostNumber'), " ") }
+            \$HOST_PGBACKUPHOST
+          ))
+          | EOF
+      }
       ferm::rule { 'dsa-postgres-danzi':
         # ubc, wuiet
         description => 'Allow postgress access',