X-Git-Url: https://git.openstreetmap.org/chef.git/blobdiff_plain/882c7937de6cc8126084d50c966cbbd66e043dc7..c714aba0de40828044677c7b38890e3f7ba91436:/roles/nepomuk.rb

diff --git a/roles/nepomuk.rb b/roles/nepomuk.rb
index 2efce497d..8683ecbe5 100644
--- a/roles/nepomuk.rb
+++ b/roles/nepomuk.rb
@@ -3,9 +3,23 @@ description "Master role applied to nepomuk"
 
 default_attributes(
   :networking => {
+    :firewall => {
+      :inet => [
+        {
+          :action => "ACCEPT",
+          :source => "net:77.95.64.120,77.95.64.131,77.95.64.139",
+          :dest => "fw",
+          :proto => "tcp",
+          :dest_ports => "5666",
+          :source_ports => "1024:",
+          :rate_limit => "-",
+          :connection_limit => "-"
+        }
+      ]
+    },
     :interfaces => {
       :external_ipv4 => {
-        :interface => "eth1",
+        :interface => "eth0",
         :role => :external,
         :family => :inet,
         :address => "77.95.65.39",
@@ -13,7 +27,7 @@ default_attributes(
         :gateway => "77.95.65.33"
       },
       :external_ipv6 => {
-        :interface => "eth1",
+        :interface => "eth0",
         :role => :external,
         :family => :inet6,
         :address => "2a03:9180:0:100::7",
@@ -39,8 +53,7 @@ default_attributes(
     :hdd_tune => {
       :comment => "Tune the queue for improved performance",
       :parameters => {
-        "block/vda/queue/nr_requests" => "128",
-        "block/vda/queue/scheduler" => "deadline"
+        "block/vda/queue/nr_requests" => "128"
       }
     }
   },