Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions

Annotate this list so its easier to understand.

Browse source
This commit is contained in:
Ralph Bean 2015-03-12 14:03:12 +00:00
parent a898004d91
commit bcf7aff6a5
1 changed files with 7 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

7
inventory/host_vars/db-fas01.phx2.fedoraproject.org
View file

@ -28,12 +28,19 @@ fas_client_groups: sysadmin-dba,sysadmin-noc
# Only allow postgresql access from the frontend nodes and hosted. # Only allow postgresql access from the frontend nodes and hosted.
# #
custom_rules: [ custom_rules: [
# fas01, fas02, and fas03
'-A INPUT -p tcp -m tcp -s 10.5.126.25 --dport 5432 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.5.126.25 --dport 5432 -j ACCEPT',
'-A INPUT -p tcp -m tcp -s 10.5.126.26 --dport 5432 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.5.126.26 --dport 5432 -j ACCEPT',
'-A INPUT -p tcp -m tcp -s 10.5.126.30 --dport 5432 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.5.126.30 --dport 5432 -j ACCEPT',
# fedoauth01 and fedoauth02
'-A INPUT -p tcp -m tcp -s 10.5.126.240 --dport 5432 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.5.126.240 --dport 5432 -j ACCEPT',
'-A INPUT -p tcp -m tcp -s 10.5.126.241 --dport 5432 -j ACCEPT' , '-A INPUT -p tcp -m tcp -s 10.5.126.241 --dport 5432 -j ACCEPT' ,
# sundries02...
'-A INPUT -p tcp -m tcp -s 10.5.126.41 --dport 5432 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.5.126.41 --dport 5432 -j ACCEPT',
# hosted03 and hosted04 (over the vpn)
'-A INPUT -p tcp -m tcp -s 192.168.1.16 --dport 5432 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.16 --dport 5432 -j ACCEPT',
'-A INPUT -p tcp -m tcp -s 192.168.1.102 --dport 5432 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.102 --dport 5432 -j ACCEPT',
] ]