From 1c18ee4599ca216eb59c16f43dd961b70a27fe80 Mon Sep 17 00:00:00 2001
From: Pierre-Yves Chibon <pingou@pingoured.fr>
Date: Tue, 4 Aug 2015 14:16:37 +0200
Subject: [PATCH] Create a security group pg-5432-anywhere

---
 .../fed-cloud09.cloud.fedoraproject.org.yml   | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/playbooks/hosts/fed-cloud09.cloud.fedoraproject.org.yml b/playbooks/hosts/fed-cloud09.cloud.fedoraproject.org.yml
index b99936e0ee..9f4a18999e 100644
--- a/playbooks/hosts/fed-cloud09.cloud.fedoraproject.org.yml
+++ b/playbooks/hosts/fed-cloud09.cloud.fedoraproject.org.yml
@@ -1124,6 +1124,25 @@
           protocol: "tcp"
           remote_ip_prefix: "172.25.32.1/20"
 
+  - name: "Create 'pg-5432-anywhere' security group"
+    neutron_sec_group:
+      login_username: "admin"
+      login_password: "{{ ADMIN_PASS }}"
+      login_tenant_name: "admin"
+      auth_url: "https://{{controller_publicname}}:35357/v2.0"
+      state: "present"
+      name: 'pg-5432-anywhere-{{item}}'
+      description: "allow postgresql-5432 from anywhere"
+      tenant_name: "{{item}}"
+      rules:
+        - direction: "ingress"
+          port_range_min: "5432"
+          port_range_max: "5432"
+          ethertype: "IPv4"
+          protocol: "tcp"
+          remote_ip_prefix: "0.0.0.0/0"
+    with_items: all_tenants
+
 
   # Update quota for Copr
   #   SEE: