Muehlenhoff has uploaded a new change for review. ( https://gerrit.wikimedia.org/r/363213 )
Change subject: Restrict http access to ununpentium ...................................................................... Restrict http access to ununpentium rt.wikimedia.org is served via Varnish, so restrict to production networks. Now that it no longer needs SMTP access, it could also be removed to a non-public address, but not sure if that's really worth the hassle. Change-Id: Iebc3228fc69f133190a899bf883607c7a423812c --- M modules/profile/manifests/requesttracker/server.pp 1 file changed, 3 insertions(+), 3 deletions(-) git pull ssh://gerrit.wikimedia.org:29418/operations/puppet refs/changes/13/363213/1 diff --git a/modules/profile/manifests/requesttracker/server.pp b/modules/profile/manifests/requesttracker/server.pp index 098b1a7..8c4ae6c 100644 --- a/modules/profile/manifests/requesttracker/server.pp +++ b/modules/profile/manifests/requesttracker/server.pp @@ -23,8 +23,8 @@ include ::base::firewall ferm::service { 'rt-http': - proto => 'tcp', - port => '80', + proto => 'tcp', + port => '80', + srange => '$PRODUCTION_NETWORKS', } - } -- To view, visit https://gerrit.wikimedia.org/r/363213 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: newchange Gerrit-Change-Id: Iebc3228fc69f133190a899bf883607c7a423812c Gerrit-PatchSet: 1 Gerrit-Project: operations/puppet Gerrit-Branch: production Gerrit-Owner: Muehlenhoff <mmuhlenh...@wikimedia.org> _______________________________________________ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits