Dzahn has uploaded a new change for review.
https://gerrit.wikimedia.org/r/190147
Change subject: wikitech - add ferm rules for http/https
......................................................................
wikitech - add ferm rules for http/https
Add ferm services for http and https on wikitech (nova manager),
which is now silver.
There will be other holes needed and these will be noop now,
but they are a requirement to be able to later apply base::firewall on silver.
Change-Id: If1616711a8440cbfc027babcaf8e617e90f72f87
---
M manifests/role/nova.pp
1 file changed, 10 insertions(+), 0 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/operations/puppet
refs/changes/47/190147/1
diff --git a/manifests/role/nova.pp b/manifests/role/nova.pp
index 3bc5176..1397698 100644
--- a/manifests/role/nova.pp
+++ b/manifests/role/nova.pp
@@ -196,6 +196,16 @@
$ssl_settings = ssl_ciphersuite('apache-2.2', 'compat', '365')
+ ferm::service { 'wikitech_http':
+ proto => 'tcp',
+ port => '80',
+ }
+
+ ferm::service { 'wikitech_https':
+ proto => 'tcp',
+ port => '443',
+ }
+
class { 'openstack::openstack-manager':
novaconfig => $novaconfig,
certificate => $certificate,
--
To view, visit https://gerrit.wikimedia.org/r/190147
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: If1616711a8440cbfc027babcaf8e617e90f72f87
Gerrit-PatchSet: 1
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Dzahn <[email protected]>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
