puppetmaster is more important than handel

author Stephen Gran <steve@lobefin.net>

Thu, 3 May 2012 06:33:48 +0000 (07:33 +0100)

committer Stephen Gran <steve@lobefin.net>

Thu, 3 May 2012 06:33:48 +0000 (07:33 +0100)
author Stephen Gran <steve@lobefin.net>
Thu, 3 May 2012 06:33:48 +0000 (07:33 +0100)
committer Stephen Gran <steve@lobefin.net>
Thu, 3 May 2012 06:33:48 +0000 (07:33 +0100)
diff --git a/modules/ferm/manifests/per-host.pp b/modules/ferm/manifests/per-host.pp

index 5f175260aeb625685ab31e35afa8e9067af812d6..82f9eb8e7aecfddf0040e4e05c3a0e459e8a86b1 100644 (file)
--- a/modules/ferm/manifests/per-host.pp
+++ b/modules/ferm/manifests/per-host.pp
@@ -40,17 +40,6 @@ class ferm::per-host {
                                 rule            => '&SERVICE(udp, 69)'
                         }
                 }
-               handel: {
-                       @ferm::rule { 'dsa-puppet':
-                               description     => 'Allow puppet access',
-                               rule            => '&SERVICE_RANGE(tcp, 8140, $HOST_DEBIAN_V4)'
-                       }
-                       @ferm::rule { 'dsa-puppet-v6':
-                               domain          => 'ip6',
-                               description     => 'Allow puppet access',
-                               rule            => '&SERVICE_RANGE(tcp, 8140, $HOST_DEBIAN_V6)'
-                       }
-               }
                 powell: {
                         @ferm::rule { 'dsa-powell-v6-tunnel':
                                 description     => 'Allow powell to use V6 tunnel broker',
diff --git a/modules/puppetmaster/manifests/init.pp b/modules/puppetmaster/manifests/init.pp

index ca91a0bb2ee995ec680096314ee1e77c7d0754ea..1aad49cb2f2fbdba0f1dfdf9700b11c60027f551 100644 (file)
--- a/modules/puppetmaster/manifests/init.pp
+++ b/modules/puppetmaster/manifests/init.pp
@@ -1,5 +1,16 @@
  class puppetmaster {
+
         file { '/etc/puppet/hiera.yaml':
                 source => 'puppet:///modules/puppetmaster/hiera.yaml'
         }
+
+       @ferm::rule { 'dsa-puppet':
+               description     => 'Allow puppet access',
+               rule            => '&SERVICE_RANGE(tcp, 8140, $HOST_DEBIAN_V4)'
+       }
+       @ferm::rule { 'dsa-puppet-v6':
+               domain          => 'ip6',
+               description     => 'Allow puppet access',
+               rule            => '&SERVICE_RANGE(tcp, 8140, $HOST_DEBIAN_V6)'
+       }
  }
author	Stephen Gran <steve@lobefin.net>
	Thu, 3 May 2012 06:33:48 +0000 (07:33 +0100)
committer	Stephen Gran <steve@lobefin.net>
	Thu, 3 May 2012 06:33:48 +0000 (07:33 +0100)
modules/ferm/manifests/per-host.pp		patch \| blob \| history
modules/puppetmaster/manifests/init.pp		patch \| blob \| history