Ensure that rtc's monit configuration file is absent

[dsa-puppet.git] / modules / roles / manifests / rtc.pp

diff --git a/modules/roles/manifests/rtc.pp b/modules/roles/manifests/rtc.pp
index 2609e5d43dff8717d7c66b69d9fabfdaef6d68c5..ceef3ce994ba7b318669787224fef254c0be0a2d 100644 (file)
--- a/modules/roles/manifests/rtc.pp
+++ b/modules/roles/manifests/rtc.pp
@@ -1,5 +1,4 @@
 class roles::rtc {
-       include concat::setup
 
        ssl::service { 'www.debian.org':
        }
@@ -37,6 +36,27 @@ class roles::rtc {
                require     => File['/etc/ssl/debian/certs/sip-ws.debian.org.crt-chain'],
        }
 
+       @ferm::rule { 'dsa-xmpp-client-ip4':
+               domain      => 'ip',
+               description => 'XMPP connections (client to server)',
+               rule        => 'proto tcp dport (5222) ACCEPT'
+       }
+       @ferm::rule { 'dsa-xmpp-client-ip6':
+               domain      => 'ip6',
+               description => 'XMPP connections (client to server)',
+               rule        => 'proto tcp dport (5222) ACCEPT'
+       }
+       @ferm::rule { 'dsa-xmpp-server-ip4':
+               domain      => 'ip',
+               description => 'XMPP connections (server to server)',
+               rule        => 'proto tcp dport (5269) ACCEPT'
+       }
+       @ferm::rule { 'dsa-xmpp-server-ip6':
+               domain      => 'ip6',
+               description => 'XMPP connections (server to server)',
+               rule        => 'proto tcp dport (5269) ACCEPT'
+       }
+
        @ferm::rule { 'dsa-sip-ws-ip4':
                domain      => 'ip',
                description => 'SIP connections (WebSocket; for WebRTC)',
@@ -89,7 +109,6 @@ class roles::rtc {
        }
 
        file { '/etc/monit/monit.d/50rtc':
-               source  => 'puppet:///modules/roles/rtc/monit',
-               mode    => '0440'
+               ensure  => absent,
        }
 }