From: Tom Hughes Date: Mon, 13 Apr 2020 14:02:35 +0000 (+0100) Subject: Simplify firewall zones X-Git-Url: https://git.openstreetmap.org/chef.git/commitdiff_plain/eb690e187c60604ecd3c257edfe9313971ab2fae Simplify firewall zones Move all hosts except those at Equiniz, UCL and Bytemark into the osm zone. --- diff --git a/roles/altavoz.rb b/roles/altavoz.rb index e8946f17e..8deb1dfda 100644 --- a/roles/altavoz.rb +++ b/roles/altavoz.rb @@ -8,12 +8,7 @@ default_attributes( :nameservers => [ "200.91.44.10", "200.91.41.10" - ], - :roles => { - :external => { - :zone => "av" - } - } + ] } ) diff --git a/roles/aws.rb b/roles/aws.rb index 5f4ac7ace..d4ad3fd0f 100644 --- a/roles/aws.rb +++ b/roles/aws.rb @@ -14,7 +14,6 @@ default_attributes( } }, :external => { - :zone => "aws", :inet => { :prefix => "32" } diff --git a/roles/base.rb b/roles/base.rb index 23b5e4e1a..ce481861c 100644 --- a/roles/base.rb +++ b/roles/base.rb @@ -20,7 +20,7 @@ default_attributes( :networking => { :roles => { :internal => { :metric => 200, :zone => "loc" }, - :external => { :metric => 100 } + :external => { :metric => 100, :zone => "osm" } }, :search => ["openstreetmap.org"] }, diff --git a/roles/blix.rb b/roles/blix.rb index 835da71c9..f58d760dc 100644 --- a/roles/blix.rb +++ b/roles/blix.rb @@ -9,11 +9,6 @@ default_attributes( }, :hosted_by => "Blix Solutions", :networking => { - :nameservers => ["8.8.8.8", "8.8.4.4"], - :roles => { - :external => { - :zone => "bx" - } - } + :nameservers => ["8.8.8.8", "8.8.4.4"] } ) diff --git a/roles/c3sl.rb b/roles/c3sl.rb index e01f5ed3d..b44eab9d1 100644 --- a/roles/c3sl.rb +++ b/roles/c3sl.rb @@ -11,12 +11,7 @@ default_attributes( :location => "Curitiba, Brazil", :timezone => "America/Sao_Paulo", :networking => { - :nameservers => ["200.17.202.3", "200.236.31.1"], - :roles => { - :external => { - :zone => "osm" - } - } + :nameservers => ["200.17.202.3", "200.236.31.1"] } ) diff --git a/roles/carnet.rb b/roles/carnet.rb index fab353fa6..8ed5cb3f6 100644 --- a/roles/carnet.rb +++ b/roles/carnet.rb @@ -7,14 +7,7 @@ default_attributes( :hbogner => { :status => :administrator } } }, - :hosted_by => "CARNet", - :networking => { - :roles => { - :external => { - :zone => "cnt" - } - } - } + :hosted_by => "CARNet" ) override_attributes( diff --git a/roles/catalyst.rb b/roles/catalyst.rb index f5101a24f..44319813f 100644 --- a/roles/catalyst.rb +++ b/roles/catalyst.rb @@ -5,12 +5,7 @@ default_attributes( :hosted_by => "Catalyst", :location => "Hamilton, New Zealand", :networking => { - :nameservers => ["202.78.244.85", "202.78.244.86", "202.78.244.87"], - :roles => { - :external => { - :zone => "osm" - } - } + :nameservers => ["202.78.244.85", "202.78.244.86", "202.78.244.87"] } ) diff --git a/roles/datahata.rb b/roles/datahata.rb index 650c8a7fe..42b3d40f7 100644 --- a/roles/datahata.rb +++ b/roles/datahata.rb @@ -14,12 +14,7 @@ default_attributes( "31.130.200.2", "8.8.8.8", "8.8.4.4" - ], - :roles => { - :external => { - :zone => "dh" - } - } + ] } ) diff --git a/roles/delta.rb b/roles/delta.rb index 109c9340c..bf307528a 100644 --- a/roles/delta.rb +++ b/roles/delta.rb @@ -5,12 +5,7 @@ default_attributes( :hosted_by => "Delta Telecom", :location => "Baku, Azerbaijan", :networking => { - :nameservers => ["94.20.20.20", "8.8.8.8", "8.8.4.4"], - :roles => { - :external => { - :zone => "dt" - } - } + :nameservers => ["94.20.20.20", "8.8.8.8", "8.8.4.4"] } ) diff --git a/roles/dotsrc.rb b/roles/dotsrc.rb index e236f2756..21838b72d 100644 --- a/roles/dotsrc.rb +++ b/roles/dotsrc.rb @@ -9,12 +9,7 @@ default_attributes( "130.226.1.2", "130.226.255.53", "2001:878:0:100::2" - ], - :roles => { - :external => { - :zone => "ds" - } - } + ] } ) diff --git a/roles/edgeuno.rb b/roles/edgeuno.rb index a11b1af86..c1224f2ba 100644 --- a/roles/edgeuno.rb +++ b/roles/edgeuno.rb @@ -36,11 +36,6 @@ default_attributes( :nameservers => [ "8.8.8.8", "1.1.1.1" - ], - :roles => { - :external => { - :zone => "osm" - } - } + ] } ) diff --git a/roles/euserv.rb b/roles/euserv.rb index 8a2de049a..ec354bfe2 100644 --- a/roles/euserv.rb +++ b/roles/euserv.rb @@ -7,12 +7,7 @@ default_attributes( :networking => { :nameservers => [ "85.31.184.60", "85.31.184.61", "85.31.185.60", "85.31.185.61" - ], - :roles => { - :external => { - :zone => "es" - } - } + ] } ) diff --git a/roles/exonetric.rb b/roles/exonetric.rb index ea1c00481..b03aa8c71 100644 --- a/roles/exonetric.rb +++ b/roles/exonetric.rb @@ -13,7 +13,6 @@ default_attributes( :nameservers => ["8.8.8.8", "8.8.4.4"], :roles => { :external => { - :zone => "ex", :inet => { :prefix => "28", :gateway => "178.250.74.33" diff --git a/roles/faimaison.rb b/roles/faimaison.rb index 2a87de160..a72fff50b 100644 --- a/roles/faimaison.rb +++ b/roles/faimaison.rb @@ -9,12 +9,7 @@ default_attributes( "8.8.8.8", "8.8.4.4", "1.1.1.1" - ], - :roles => { - :external => { - :zone => "osm" - } - } + ] } ) diff --git a/roles/ffrl.rb b/roles/ffrl.rb index 7858e1b59..35599a01c 100644 --- a/roles/ffrl.rb +++ b/roles/ffrl.rb @@ -8,12 +8,7 @@ default_attributes( :nameservers => [ "8.8.8.8", "8.8.4.4" - ], - :roles => { - :external => { - :zone => "ffr" - } - } + ] } ) diff --git a/roles/firefishynet.rb b/roles/firefishynet.rb index 58f78d332..fca212ad8 100644 --- a/roles/firefishynet.rb +++ b/roles/firefishynet.rb @@ -10,9 +10,6 @@ default_attributes( :prefix => "24", :gateway => "10.89.121.1" } - }, - :external => { - :zone => "ff" } } } diff --git a/roles/g5solutions.rb b/roles/g5solutions.rb index 5cb41ec5d..96aaa883b 100644 --- a/roles/g5solutions.rb +++ b/roles/g5solutions.rb @@ -13,12 +13,7 @@ default_attributes( :nameservers => [ "8.8.8.8", "8.8.4.4" - ], - :roles => { - :external => { - :zone => "g5s" - } - } + ] } ) diff --git a/roles/gandi.rb b/roles/gandi.rb index 6868a7c61..d1a332a15 100644 --- a/roles/gandi.rb +++ b/roles/gandi.rb @@ -9,12 +9,7 @@ default_attributes( "217.70.186.194", "217.70.186.193", "2001:4b98:dc2:49::193" - ], - :roles => { - :external => { - :zone => "osm" - } - } + ] } ) diff --git a/roles/grifon.rb b/roles/grifon.rb index 054af06f1..c9653f93d 100644 --- a/roles/grifon.rb +++ b/roles/grifon.rb @@ -29,12 +29,7 @@ default_attributes( } ] }, - :nameservers => ["2a00:5884::7", "8.8.8.8", "8.8.4.4"], - :roles => { - :external => { - :zone => "grf" - } - } + :nameservers => ["2a00:5884::7", "8.8.8.8", "8.8.4.4"] } ) diff --git a/roles/grnet.rb b/roles/grnet.rb index 6893b6592..1ca197be5 100644 --- a/roles/grnet.rb +++ b/roles/grnet.rb @@ -13,12 +13,7 @@ default_attributes( :nameservers => [ "8.8.8.8", "8.8.4.4" - ], - :roles => { - :external => { - :zone => "grn" - } - } + ] } ) diff --git a/roles/hetzner.rb b/roles/hetzner.rb index 4ed08654d..20d855f65 100644 --- a/roles/hetzner.rb +++ b/roles/hetzner.rb @@ -11,12 +11,7 @@ default_attributes( "2a01:4f8:0:a111::add:9898", "2a01:4f8:0:a102::add:9999", "2a01:4f8:0:a0a1::add:1010" - ], - :roles => { - :external => { - :zone => "hz" - } - } + ] } ) diff --git a/roles/hostedinnz.rb b/roles/hostedinnz.rb index d8f0311b1..7e0944309 100644 --- a/roles/hostedinnz.rb +++ b/roles/hostedinnz.rb @@ -10,12 +10,7 @@ default_attributes( :hosted_by => "HostedIn.NZ", :location => "Wellington, New Zealand", :networking => { - :nameservers => ["8.8.8.8", "8.8.4.4"], - :roles => { - :external => { - :zone => "osm" - } - } + :nameservers => ["8.8.8.8", "8.8.4.4"] }, :snmpd => { :clients => ["103.106.66.28"], diff --git a/roles/inxza.rb b/roles/inxza.rb index 03d5ff70e..aa80ea347 100644 --- a/roles/inxza.rb +++ b/roles/inxza.rb @@ -9,12 +9,7 @@ default_attributes( "196.10.52.52", "196.10.54.54", "196.10.55.55" - ], - :roles => { - :external => { - :zone => "ixz" - } - } + ] } ) diff --git a/roles/iway.rb b/roles/iway.rb index b734f2eea..3a4c1b888 100644 --- a/roles/iway.rb +++ b/roles/iway.rb @@ -24,12 +24,7 @@ default_attributes( } ] }, - :nameservers => ["2001:8e0:ffff:ac1::1", "8.8.8.8", "8.8.4.4"], - :roles => { - :external => { - :zone => "osm" - } - } + :nameservers => ["2001:8e0:ffff:ac1::1", "8.8.8.8", "8.8.4.4"] } ) diff --git a/roles/jump.rb b/roles/jump.rb index 9a026f370..4186ecc4c 100644 --- a/roles/jump.rb +++ b/roles/jump.rb @@ -10,12 +10,7 @@ default_attributes( "2001:ba8:0:2c02::", "2001:ba8:0:2c03::", "2001:ba8:0:2c04::" - ], - :roles => { - :external => { - :zone => "jn" - } - } + ] } ) diff --git a/roles/lyonix.rb b/roles/lyonix.rb index a5aff59e0..faf838dac 100644 --- a/roles/lyonix.rb +++ b/roles/lyonix.rb @@ -5,12 +5,7 @@ default_attributes( :hosted_by => "LyonIX", :location => "Lyon, France", :networking => { - :nameservers => ["77.95.64.205", "77.95.64.206", "8.8.8.8", "8.8.4.4"], - :roles => { - :external => { - :zone => "ly" - } - } + :nameservers => ["77.95.64.205", "77.95.64.206", "8.8.8.8", "8.8.4.4"] }, :snmpd => { :clients => ["77.95.64.0/24", "77.95.70.0/24"], diff --git a/roles/lysator.rb b/roles/lysator.rb index 22f34ea52..7bf25dc16 100644 --- a/roles/lysator.rb +++ b/roles/lysator.rb @@ -11,12 +11,7 @@ default_attributes( :hosted_by => "Lysator", :location => "Linköping, Sweden", :networking => { - :nameservers => ["130.236.254.225", "2001:6b0:17:f0a0::e1", "130.236.254.4"], - :roles => { - :external => { - :zone => "osm" - } - } + :nameservers => ["130.236.254.225", "2001:6b0:17:f0a0::e1", "130.236.254.4"] } ) diff --git a/roles/milkywan.rb b/roles/milkywan.rb index d84cf5319..7f75a2edc 100644 --- a/roles/milkywan.rb +++ b/roles/milkywan.rb @@ -24,12 +24,7 @@ default_attributes( } ] }, - :nameservers => ["130.117.11.11", "2a0b:cbc0:42::42"], - :roles => { - :external => { - :zone => "osm" - } - } + :nameservers => ["130.117.11.11", "2a0b:cbc0:42::42"] } ) diff --git a/roles/nchc.rb b/roles/nchc.rb index 58b3ed500..9af0b8af1 100644 --- a/roles/nchc.rb +++ b/roles/nchc.rb @@ -11,12 +11,7 @@ default_attributes( :hosted_by => "NCHC", :location => "Hsinchu, Taiwan", :networking => { - :nameservers => ["140.110.16.1", "140.110.4.1"], - :roles => { - :external => { - :zone => "nc" - } - } + :nameservers => ["140.110.16.1", "140.110.4.1"] } ) diff --git a/roles/netalerts.rb b/roles/netalerts.rb index aaabe14e7..85e6824d4 100644 --- a/roles/netalerts.rb +++ b/roles/netalerts.rb @@ -9,12 +9,7 @@ default_attributes( :nameservers => [ "209.172.41.202", "209.172.41.200" - ], - :roles => { - :external => { - :zone => "na" - } - } + ] } ) diff --git a/roles/osuosl.rb b/roles/osuosl.rb index f80b1177a..489152a02 100644 --- a/roles/osuosl.rb +++ b/roles/osuosl.rb @@ -14,7 +14,6 @@ default_attributes( :nameservers => ["8.8.8.8", "8.8.4.4"], :roles => { :external => { - :zone => "ool", :inet => { :prefix => "28", :gateway => "140.211.167.97" diff --git a/roles/ovh.rb b/roles/ovh.rb index 506be9c9a..9a0e9d561 100644 --- a/roles/ovh.rb +++ b/roles/ovh.rb @@ -7,12 +7,7 @@ default_attributes( :networking => { :nameservers => [ "213.186.33.99" - ], - :roles => { - :external => { - :zone => "ovh" - } - } + ] } ) diff --git a/roles/paulla.rb b/roles/paulla.rb index b84b86c96..27149d247 100644 --- a/roles/paulla.rb +++ b/roles/paulla.rb @@ -14,12 +14,7 @@ default_attributes( :allow => ["10.64.1.11"] }, :networking => { - :nameservers => ["10.64.1.42", "194.167.156.13", "10.64.1.3"], - :roles => { - :external => { - :zone => "pa" - } - } + :nameservers => ["10.64.1.42", "194.167.156.13", "10.64.1.3"] } ) diff --git a/roles/prgmr.rb b/roles/prgmr.rb index 147775708..918481423 100644 --- a/roles/prgmr.rb +++ b/roles/prgmr.rb @@ -6,12 +6,7 @@ default_attributes( :location => "San Francisco, California", :timezone => "PST8PDT", :networking => { - :nameservers => ["8.8.8.8", "8.8.4.4"], - :roles => { - :external => { - :zone => "pr" - } - } + :nameservers => ["8.8.8.8", "8.8.4.4"] } ) diff --git a/roles/scaleway.rb b/roles/scaleway.rb index 996bb0e46..b7daaa0fb 100644 --- a/roles/scaleway.rb +++ b/roles/scaleway.rb @@ -8,12 +8,7 @@ default_attributes( :nameservers => [ "62.210.16.6", "62.210.16.7" - ], - :roles => { - :external => { - :zone => "osm" - } - } + ] } ) diff --git a/roles/strato.rb b/roles/strato.rb index 75793178b..05ed336cc 100644 --- a/roles/strato.rb +++ b/roles/strato.rb @@ -8,12 +8,7 @@ default_attributes( :nameservers => [ "85.214.7.22", "81.169.163.106" - ], - :roles => { - :external => { - :zone => "osm" - } - } + ] } ) diff --git a/roles/szerverem.rb b/roles/szerverem.rb index 137600f4e..45ac8108e 100644 --- a/roles/szerverem.rb +++ b/roles/szerverem.rb @@ -8,12 +8,7 @@ default_attributes( :nameservers => [ "8.8.8.8", "8.8.4.4" - ], - :roles => { - :external => { - :zone => "sz" - } - } + ] } ) diff --git a/roles/teleservice.rb b/roles/teleservice.rb index ea2dece10..7602c30c1 100644 --- a/roles/teleservice.rb +++ b/roles/teleservice.rb @@ -5,12 +5,7 @@ default_attributes( :hosted_by => "Teleservice Skåne AB", :location => "Sjöbo, Sweden", :networking => { - :nameservers => ["8.8.8.8", "8.8.4.4"], - :roles => { - :external => { - :zone => "ts" - } - } + :nameservers => ["8.8.8.8", "8.8.4.4"] } ) diff --git a/roles/teraswitch.rb b/roles/teraswitch.rb index 6cede96e4..1c24a529b 100644 --- a/roles/teraswitch.rb +++ b/roles/teraswitch.rb @@ -14,12 +14,7 @@ default_attributes( :nameservers => [ "1.1.1.1", "8.8.8.8" - ], - :roles => { - :external => { - :zone => "osm" - } - } + ] } ) diff --git a/roles/tetaneutral.rb b/roles/tetaneutral.rb index 07a26768e..2459652ba 100644 --- a/roles/tetaneutral.rb +++ b/roles/tetaneutral.rb @@ -13,12 +13,7 @@ default_attributes( :nameservers => [ "8.8.8.8", "8.8.4.4" - ], - :roles => { - :external => { - :zone => "tnn" - } - } + ] } ) diff --git a/roles/tuxis.rb b/roles/tuxis.rb index 5cde762df..3b4a8acbe 100644 --- a/roles/tuxis.rb +++ b/roles/tuxis.rb @@ -5,12 +5,7 @@ default_attributes( :hosted_by => "Tuxis", :location => "Ede, Netherlands", :networking => { - :nameservers => ["2a03:7900:2:0:31:3:104:61", "2a03:7900:2:0:31:3:104:62"], - :roles => { - :external => { - :zone => "osm" - } - } + :nameservers => ["2a03:7900:2:0:31:3:104:61", "2a03:7900:2:0:31:3:104:62"] } ) diff --git a/roles/umu.rb b/roles/umu.rb index 70c88a253..33caf6148 100644 --- a/roles/umu.rb +++ b/roles/umu.rb @@ -10,12 +10,7 @@ default_attributes( :hosted_by => "Academic Computer Club, Umeå University", :location => "Umeå, Sweden", :networking => { - :nameservers => ["130.239.18.251", "130.239.18.252", "130.239.1.90"], - :roles => { - :external => { - :zone => "osm" - } - } + :nameservers => ["130.239.18.251", "130.239.18.252", "130.239.1.90"] } ) diff --git a/roles/unizar.rb b/roles/unizar.rb index f9d5d1237..746edaf88 100644 --- a/roles/unizar.rb +++ b/roles/unizar.rb @@ -10,12 +10,7 @@ default_attributes( :hosted_by => "University of Zaragoza", :location => "Zaragoza, Spain", :networking => { - :nameservers => ["155.210.12.9", "155.210.3.12"], - :roles => { - :external => { - :zone => "uz" - } - } + :nameservers => ["155.210.12.9", "155.210.3.12"] } ) diff --git a/roles/utelecom.rb b/roles/utelecom.rb index d4aca4c0e..7f613872e 100644 --- a/roles/utelecom.rb +++ b/roles/utelecom.rb @@ -5,12 +5,7 @@ default_attributes( :hosted_by => "Ukrainian Telecommunication Group", :location => "Kiev, Ukraine", :networking => { - :nameservers => ["8.8.8.8", "8.8.4.4"], - :roles => { - :external => { - :zone => "osm" - } - } + :nameservers => ["8.8.8.8", "8.8.4.4"] } ) diff --git a/roles/yandex.rb b/roles/yandex.rb index 019995047..780c8face 100644 --- a/roles/yandex.rb +++ b/roles/yandex.rb @@ -6,12 +6,7 @@ default_attributes( :location => "Moscow, Russia", :timezone => "Europe/Moscow", :networking => { - :nameservers => ["8.8.8.8", "8.8.4.4"], - :roles => { - :external => { - :zone => "yx" - } - } + :nameservers => ["8.8.8.8", "8.8.4.4"] } ) diff --git a/roles/zcu.rb b/roles/zcu.rb index b059c5bf1..cfa1f63fc 100644 --- a/roles/zcu.rb +++ b/roles/zcu.rb @@ -5,12 +5,7 @@ default_attributes( :hosted_by => "University of West Bohemia", :location => "Pilsen, Czech Republic", :networking => { - :nameservers => ["147.228.3.3", "147.228.52.11"], - :roles => { - :external => { - :zone => "osm" - } - } + :nameservers => ["147.228.3.3", "147.228.52.11"] } )