Rush has uploaded a new change for review. (
https://gerrit.wikimedia.org/r/392063 )
Change subject: labstore: fix rsync rule for misc
......................................................................
labstore: fix rsync rule for misc
* fix name
* ferm does not like @resolve() w/ an IP
* ferm::rule => ferm::service
Bug: T165136
Bug: T180659
Change-Id: Icfec14208749a038f5bdb6bb872a1a4fa720977e
---
M modules/role/manifests/labs/nfs/misc.pp
1 file changed, 5 insertions(+), 4 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/operations/puppet
refs/changes/63/392063/1
diff --git a/modules/role/manifests/labs/nfs/misc.pp
b/modules/role/manifests/labs/nfs/misc.pp
index bd8f8ca..3c22702 100644
--- a/modules/role/manifests/labs/nfs/misc.pp
+++ b/modules/role/manifests/labs/nfs/misc.pp
@@ -106,10 +106,11 @@
require => File['/srv/maps'],
}
+ $dump_allow_srange = join($dump_servers_ips, ' ')
# this is how prod hosts drop off datasets for serving
- ferm::rule{'puppetbackendgetter':
- ensure => 'present',
- rule => "saddr (@resolve((${dump_servers_ips}))
@resolve((${statistics_servers})))
- proto tcp dport 873 ACCEPT;",
+ ferm::service{'rsync_dropoff':
+ port => '873',
+ proto => 'tcp',
+ srange => '(($dump_allow_srange @resolve($statistics_servers))'
}
}
--
To view, visit https://gerrit.wikimedia.org/r/392063
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: Icfec14208749a038f5bdb6bb872a1a4fa720977e
Gerrit-PatchSet: 1
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Rush <[email protected]>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
