Allow access to nagios remote plugins on nepomuk

author Tom Hughes <tom@compton.nu>

Mon, 6 Nov 2017 19:22:36 +0000 (19:22 +0000)

committer Tom Hughes <tom@compton.nu>

Mon, 6 Nov 2017 19:22:36 +0000 (19:22 +0000)
author Tom Hughes <tom@compton.nu>
Mon, 6 Nov 2017 19:22:36 +0000 (19:22 +0000)
committer Tom Hughes <tom@compton.nu>
Mon, 6 Nov 2017 19:22:36 +0000 (19:22 +0000)
diff --git a/roles/nepomuk.rb b/roles/nepomuk.rb

index 7fba6fb5b841a0eadb453ce46f78a68e85168a81..8c2f3f4a32f4a53f18315386f536bde8cc25683a 100644 (file)
--- a/roles/nepomuk.rb
+++ b/roles/nepomuk.rb
@@ -3,6 +3,20 @@ description "Master role applied to nepomuk"
  
  default_attributes(
    :networking => {
+    :firewall => {
+      :inet => [
+        {
+          :action => "ACCEPT",
+          :source => "net:77.95.64.120,77.95.64.131,77.95.64.139",
+          :dest => "fw",
+          :proto => "tcp",
+          :dest_ports => "5666",
+          :source_ports => "1024:",
+          :rate_limit => "-",
+          :connection_limit => "-"
+        }
+      ]
+    },
      :interfaces => {
        :external_ipv4 => {
          :interface => "eth0",
author	Tom Hughes <tom@compton.nu>
	Mon, 6 Nov 2017 19:22:36 +0000 (19:22 +0000)
committer	Tom Hughes <tom@compton.nu>
	Mon, 6 Nov 2017 19:22:36 +0000 (19:22 +0000)