From 3357455fc45e848e651172f20f528c82509f3b44 Mon Sep 17 00:00:00 2001
From: Tom Hughes <tom@compton.nu>
Date: Mon, 6 Nov 2017 19:22:36 +0000
Subject: [PATCH] Allow access to nagios remote plugins on nepomuk

---
 roles/nepomuk.rb | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/roles/nepomuk.rb b/roles/nepomuk.rb
index 7fba6fb5b..8c2f3f4a3 100644
--- a/roles/nepomuk.rb
+++ b/roles/nepomuk.rb
@@ -3,6 +3,20 @@ description "Master role applied to nepomuk"
 
 default_attributes(
   :networking => {
+    :firewall => {
+      :inet => [
+        {
+          :action => "ACCEPT",
+          :source => "net:77.95.64.120,77.95.64.131,77.95.64.139",
+          :dest => "fw",
+          :proto => "tcp",
+          :dest_ports => "5666",
+          :source_ports => "1024:",
+          :rate_limit => "-",
+          :connection_limit => "-"
+        }
+      ]
+    },
     :interfaces => {
       :external_ipv4 => {
         :interface => "eth0",
-- 
2.43.2