Adjust firewall rules for anitya-frontend.
It is a special case since its on the vpn.
This commit is contained in:
Ralph Bean
parent
d80364050c
commit
0e2410d160
1 changed files with 6 additions and 4 deletions
|
|
@ -7,10 +7,12 @@ num_cpus: 2
|
|||
# for systems that do not match the above - specify the same parameter in
|
||||
# the host_vars/$hostname file
|
||||
|
||||
tcp_ports: [ 80, 443,
|
||||
# These 16 ports are used by fedmsg. One for each wsgi thread.
|
||||
3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007,
|
||||
3008, 3009, 3010, 3011, 3012, 3013, 3014, 3015]
|
||||
# Note that, usually there are 16-32 ports listed here so that fedmsg can bind
|
||||
# to each of them (one for each wsgi thread). We're not doing that here because
|
||||
# the anitya frontend is sitting on the vpn. We could, but we'd like to reduce
|
||||
# vpn traffic. Instead, we configure the anitya app to connect directly to the
|
||||
# fedmsg-relay sitting on busgateway01.vpn.fp.o and send its messages there.
|
||||
tcp_ports: [ 80, 443 ]
|
||||
|
||||
# Neeed for rsync from log01 for logs.
|
||||
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue