X-Git-Url: https://git.donarmstrong.com/?a=blobdiff_plain;f=manifests%2Fsite.pp;h=4ad02242ac9acfd6afb3d2a89c456022d66be703;hb=5244957c0cd8b29cd15fc7cd55dc996dbb9ced3a;hp=2ebe52d8f5710f3046ac065735771669be155cfd;hpb=678631469f23ba38dff2106772684f35586632f8;p=dsa-puppet.git

diff --git a/manifests/site.pp b/manifests/site.pp
index 2ebe52d8..4ad02242 100644
--- a/manifests/site.pp
+++ b/manifests/site.pp
@@ -29,6 +29,7 @@ node default {
     include monit
     include apt-keys
     include ntp
+    include ssl
 
     include motd
 
@@ -91,7 +92,7 @@ node default {
     }
 
     case $hostname {
-        franck,powell,logtest01,geo1,geo2,geo3,bartok,senfl,beethoven,piatti,saens,villa,lobos,raff,gluck,schein,wieck,steffani,ball,handel,tchaikovsky: { include ferm }
+        franck,powell,logtest01,geo1,geo2,geo3,bartok,senfl,beethoven,piatti,saens,villa,lobos,raff,gluck,schein,wieck,steffani,ball,handel,tchaikovsky,heininen,nielsen,kokkonen: { include ferm }
     }
     case $hostname {
         zandonai,zelenka: {
@@ -167,6 +168,17 @@ node default {
 		    rule            => "source 172.22.127.147 interface bond0 jump ACCEPT",
 	   }
 	}
+        heininen: {
+	   @ferm::rule { "dsa-syslog":
+		    description     => "Allow syslog access",
+		    rule            => "&SERVICE_RANGE(tcp, 5140, \$HOST_DEBIAN_V4)"
+	   }
+	   @ferm::rule { "dsa-syslog-v6":
+		    domain          => 'ip6',
+		    description     => "Allow syslog access",
+		    rule            => "&SERVICE_RANGE(tcp, 5140, \$HOST_DEBIAN_V6)"
+	   }
+        }
 
     }
     case $brokenhosts {