From 22a61065b28962c811f9fe8978e184e96bddb70f Mon Sep 17 00:00:00 2001
From: Kevin Fenzi <kevin@scrye.com>
Date: Mon, 27 Jan 2025 15:29:59 -0800
Subject: [PATCH] db-riscv-koji01: allow connections from hub

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
---
 inventory/host_vars/db-riscv-koji01.iad2.fedoraproject.org | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/inventory/host_vars/db-riscv-koji01.iad2.fedoraproject.org b/inventory/host_vars/db-riscv-koji01.iad2.fedoraproject.org
index 594325f36b..f03422a3ce 100644
--- a/inventory/host_vars/db-riscv-koji01.iad2.fedoraproject.org
+++ b/inventory/host_vars/db-riscv-koji01.iad2.fedoraproject.org
@@ -1,5 +1,8 @@
 ---
 # This is a generic list, monitored by collectd
+custom_rules: ['-A INPUT -p tcp -m tcp -s 10.3.172.21 --dport 5432 -j ACCEPT']
+nft_custom_rules:
+  - 'add rule ip filter INPUT ip saddr 10.3.172.21 tcp dport 5432 counter accept'
 databases:
   - koji
 datacenter: iad2