Fix VPN configuration

diff --git a/cookbooks/networking/recipes/default.rb b/cookbooks/networking/recipes/default.rb
index 39611a9dfdb0e2aa5bde681cb40bbd2aa8921a9d..8355b54c036e68d0b12d4d68e610e10c962c84d1 100644 (file)
--- a/cookbooks/networking/recipes/default.rb
+++ b/cookbooks/networking/recipes/default.rb
@@ -35,10 +35,8 @@ node[:networking][:interfaces].each do |name, interface|
 
   prefix = node[:networking][:interfaces][name][:prefix]
 
-  # rubocop:disable Style/RedundantParentheses
   node.set[:networking][:interfaces][name][:netmask] = (~IPAddr.new(interface[:address]).mask(0)).mask(prefix)
   node.set[:networking][:interfaces][name][:network] = IPAddr.new(interface[:address]).mask(prefix)
-  # rubocop:enable Style/RedundantParentheses
 end
 
 template "/etc/network/interfaces" do
@@ -209,7 +207,7 @@ firewall_rule "limit-icmp-echo" do
   rate_limit "s:1/sec:5"
 end
 
-%w(ucl ic bm).each do |zone|
+%w(ucl ic bm aws).each do |zone|
   firewall_rule "accept-openvpn-#{zone}" do
     action :accept
     family :inet

diff --git a/roles/fafnir.rb b/roles/fafnir.rb
index 1c5ee364f5f4a7547f83afffde405d4b796d71b1..b50e2fc3a9284f7cbf11a5a66183bc612b754576 100644 (file)
--- a/roles/fafnir.rb
+++ b/roles/fafnir.rb
@@ -28,7 +28,8 @@ default_attributes(
         :port => "1194",
         :mode => "client",
         :peer => {
-          :host => "ironbelly.openstreetmap.org"
+          :host => "ironbelly.openstreetmap.org",
+          :port => "1195"
         }
       }
     }