X-Git-Url: https://git.donarmstrong.com/?a=blobdiff_plain;f=modules%2Fferm%2Fmanifests%2Fper-host.pp;h=45293401a0a5e414175e30d5bb873112b20e3338;hb=b3778507231415f03bf709d3337019a18e15f56a;hp=54e05b8cabc98490bed7c9f3de6132cde6923d0d;hpb=5f7575cb37beee3b49a8fcce1f8c80e1a39ca81a;p=dsa-puppet.git

diff --git a/modules/ferm/manifests/per-host.pp b/modules/ferm/manifests/per-host.pp
index 54e05b8c..45293401 100644
--- a/modules/ferm/manifests/per-host.pp
+++ b/modules/ferm/manifests/per-host.pp
@@ -14,9 +14,25 @@ class ferm::per-host {
 	case $::hostname {
 		oyens: {
 			@ferm::rule { 'dsa-amqp':
-				description     => 'Allow upsmon access',
+				description     => 'Allow rabbitmq access',
 				rule            => '&SERVICE_RANGE(tcp, 5672, ( 5.153.231.240/27 172.29.123.0/24 ))'
 			}
+			@ferm::rule { 'dsa-keystone':
+				description     => 'Allow keystone access',
+				rule            => '&SERVICE_RANGE(tcp, 5000, ( 5.153.231.240/27 172.29.123.0/24 ))'
+			}
+			@ferm::rule { 'dsa-keystone2':
+				description     => 'Allow keystone access',
+				rule            => '&SERVICE_RANGE(tcp, 35357, ( 5.153.231.240/27 172.29.123.0/24 ))'
+			}
+			@ferm::rule { 'dsa-glance':
+				description     => 'Allow glance access',
+				rule            => '&SERVICE_RANGE(tcp, 9292, ( 5.153.231.240/27 172.29.123.0/24 ))'
+			}
+			@ferm::rule { 'dsa-nova':
+				description     => 'Allow nova access',
+				rule            => '&SERVICE_RANGE(tcp, 8774, ( 5.153.231.240/27 172.29.123.0/24 ))'
+			}
 		}
 	}
 	case $::hostname {