restrict schroeder ssh, now with syntax

[dsa-puppet.git] / modules / ferm / templates / me.conf.erb

diff --git a/modules/ferm/templates/me.conf.erb b/modules/ferm/templates/me.conf.erb
index 690dc369cf4f1204195ed15000aff5c421f940fe..4efebbe84022a9d1ae8acaa622bd859d36b8fae7 100644 (file)
--- a/modules/ferm/templates/me.conf.erb
+++ b/modules/ferm/templates/me.conf.erb
@@ -3,13 +3,22 @@
 ## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
 ##
 
+<%=
+  out=''
+  case hostname
+  when 'schroeder' then 
+    out = '@def $CARNET = ( 193.198.184.8/29 161.53.160.133 161.53.160.90 161.53.11.222 161.53.12.134 161.53.12.142 161.53.12.143 );'
+  end
+  out
+%>
 
 @def $SSH_SOURCES = (<%=
 
 sshallowed = []
 
 case hostname
-  when 'logtest01', 'geo1', 'geo2', 'geo3', 'bartok', 'beethoven' then sshallowed << [ '$DSA_IPS', '$HOST_NAGIOS_V4', '$HOST_DB_V4' ]
+  when 'logtest01', 'geo1', 'geo2', 'geo3', 'bartok', 'beethoven', 'tchaikovsky' then sshallowed << [ '$DSA_IPS', '$HOST_NAGIOS_V4', '$HOST_DB_V4' ]
+  when 'schroeder' then sshallowed << [ '$DSA_IPS', '$HOST_NAGIOS_V4', '$HOST_DB_V4', '$CARNET' ]
 end
 
 case hostname
@@ -28,7 +37,7 @@ sshallowed.join(' ')
 sshallowed = []
 
 case hostname
-  when 'logtest01', 'geo1', 'geo2', 'geo3', 'bartok', 'beethoven' then sshallowed << [ '$DSA_V6_IPS', '$HOST_NAGIOS_V6', '$HOST_DB_V6' ]
+  when 'logtest01', 'geo1', 'geo2', 'geo3', 'bartok', 'beethoven', 'schroeder', 'tchaikovsky' then sshallowed << [ '$DSA_V6_IPS', '$HOST_NAGIOS_V6', '$HOST_DB_V6' ]
 end
 
 case hostname
@@ -47,7 +56,7 @@ def $SMTP_SOURCES =(<%=
 smtpallowed = []
 
 if not nodeinfo['smarthost'].empty?
-  smtpallowed = [ '$HOST_MAILRELAY_V4' ]
+  smtpallowed = [ '$HOST_MAILRELAY_V4', '$HOST_NAGIOS_V4' ]
 end
 
 if smtpallowed.length == 0
@@ -62,7 +71,7 @@ def $SMTP_V6_SOURCES =(<%=
 smtpallowed = []
 
 if not nodeinfo['smarthost'].empty?
-  smtpallowed = [ '$HOST_MAILRELAY_V6' ]
+  smtpallowed = [ '$HOST_MAILRELAY_V6', '$HOST_NAGIOS_V6' ]
 end
 
 if smtpallowed.length == 0