Dzahn has submitted this change and it was merged.
Change subject: wikitech - add ferm rules for http/https
......................................................................
wikitech - add ferm rules for http/https
Add ferm services for http and https on wikitech (nova manager),
which is now silver.
There will be other holes needed and these will be noop now,
but they are a requirement to be able to later apply base::firewall on silver.
Change-Id: If1616711a8440cbfc027babcaf8e617e90f72f87
---
M manifests/role/nova.pp
1 file changed, 10 insertions(+), 0 deletions(-)
Approvals:
jenkins-bot: Verified
Dzahn: Looks good to me, approved
diff --git a/manifests/role/nova.pp b/manifests/role/nova.pp
index b6dc225..61282f5 100644
--- a/manifests/role/nova.pp
+++ b/manifests/role/nova.pp
@@ -198,6 +198,16 @@
$ssl_settings = ssl_ciphersuite('apache-2.2', 'compat', '365')
+ ferm::service { 'wikitech_http':
+ proto => 'tcp',
+ port => '80',
+ }
+
+ ferm::service { 'wikitech_https':
+ proto => 'tcp',
+ port => '443',
+ }
+
class { 'openstack::openstack-manager':
novaconfig => $novaconfig,
certificate => $certificate,
--
To view, visit https://gerrit.wikimedia.org/r/190147
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: If1616711a8440cbfc027babcaf8e617e90f72f87
Gerrit-PatchSet: 2
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Dzahn <[email protected]>
Gerrit-Reviewer: Alexandros Kosiaris <[email protected]>
Gerrit-Reviewer: Andrew Bogott <[email protected]>
Gerrit-Reviewer: Dzahn <[email protected]>
Gerrit-Reviewer: JanZerebecki <[email protected]>
Gerrit-Reviewer: John F. Lewis <[email protected]>
Gerrit-Reviewer: Yuvipanda <[email protected]>
Gerrit-Reviewer: coren <[email protected]>
Gerrit-Reviewer: jenkins-bot <>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
