different db stuff for qa/ticharich

author Peter Palfrader <peter@palfrader.org>

Mon, 18 Nov 2013 19:45:29 +0000 (20:45 +0100)

committer Peter Palfrader <peter@palfrader.org>

Mon, 18 Nov 2013 19:45:29 +0000 (20:45 +0100)
author Peter Palfrader <peter@palfrader.org>
Mon, 18 Nov 2013 19:45:29 +0000 (20:45 +0100)
committer Peter Palfrader <peter@palfrader.org>
Mon, 18 Nov 2013 19:45:29 +0000 (20:45 +0100)
diff --git a/modules/ferm/manifests/per-host.pp b/modules/ferm/manifests/per-host.pp

index 4c3cc4c558dfd5dcdfa3e16414a57aec0dc4d616..ecba854178893ba29e2d223a351731d7eaf53300 100644 (file)
--- a/modules/ferm/manifests/per-host.pp
+++ b/modules/ferm/manifests/per-host.pp
@@ -218,12 +218,12 @@ class ferm::per-host {
                 bmdb1: {
                         @ferm::rule { 'dsa-postgres-main':
                                 description     => 'Allow postgress access',
-                               rule            => '&SERVICE_RANGE(tcp, 5435, ( 5.153.231.14/32 ))'
+                               rule            => '&SERVICE_RANGE(tcp, 5435, ( 5.153.231.14/32 5.153.231.23/32 ))'
                         }
                         @ferm::rule { 'dsa-postgres-main6':
                                 domain          => 'ip6',
                                 description     => 'Allow postgress access',
-                               rule            => '&SERVICE_RANGE(tcp, 5435, ( 2001:41c8:1000:21::21:14/128 ))'
+                               rule            => '&SERVICE_RANGE(tcp, 5435, ( 2001:41c8:1000:21::21:14/128 2001:41c8:1000:21::21:23/128 ))'
                         }
                         @ferm::rule { 'dsa-postgres-dak':
                                 description     => 'Allow postgress access',
@@ -254,26 +254,6 @@ class ferm::per-host {
                                 description     => 'Allow postgress access1',
                                 rule            => '&SERVICE_RANGE(tcp, 5437, ( 2001:41c8:1000:21::21:19/128 ))'
                         }
-                       @ferm::rule { 'dsa-postgres-tracker':
-                               # dinis
-                               description     => 'Allow postgress access for tracker',
-                               rule            => '&SERVICE_RANGE(tcp, 5438, ( 5.153.231.23/32 ))'
-                       }
-                       @ferm::rule { 'dsa-postgres-tracker6':
-                               domain          => 'ip6',
-                               description     => 'Allow postgress access for tracker1',
-                               rule            => '&SERVICE_RANGE(tcp, 5438, ( 2001:41c8:1000:21::21:23/128 ))'
-                       }
-                       @ferm::rule { 'dsa-postgres-tracker-dev':
-                               # dinis
-                               description     => 'Allow postgress access for tracker-dev',
-                               rule            => '&SERVICE_RANGE(tcp, 5439, ( 5.153.231.23/32 ))'
-                       }
-                       @ferm::rule { 'dsa-postgres-tracker-dev6':
-                               domain          => 'ip6',
-                               description     => 'Allow postgress access for tracker-dev',
-                               rule            => '&SERVICE_RANGE(tcp, 5439, ( 2001:41c8:1000:21::21:23/128 ))'
-                       }
                 }
                 danzi: {
                         @ferm::rule { 'dsa-postgres-danzi':
author	Peter Palfrader <peter@palfrader.org>
	Mon, 18 Nov 2013 19:45:29 +0000 (20:45 +0100)
committer	Peter Palfrader <peter@palfrader.org>
	Mon, 18 Nov 2013 19:45:29 +0000 (20:45 +0100)