From fe702d32ea926b2a8f85c7df05303c70a09ae02a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Miroslav=20Such=C3=BD?= <msuchy@redhat.com>
Date: Mon, 11 Nov 2013 15:11:33 +0000
Subject: [PATCH] open ports 22, 80, 443 on coprs machines

---
 playbooks/hosts/copr-be.cloud.fedoraproject.org.yml |  8 ++++++++
 playbooks/hosts/copr-fe.cloud.fedoraproject.org.yml | 10 +++++++++-
 2 files changed, 17 insertions(+), 1 deletion(-)

diff --git a/playbooks/hosts/copr-be.cloud.fedoraproject.org.yml b/playbooks/hosts/copr-be.cloud.fedoraproject.org.yml
index 80ee05aa6e..2e59897b4e 100644
--- a/playbooks/hosts/copr-be.cloud.fedoraproject.org.yml
+++ b/playbooks/hosts/copr-be.cloud.fedoraproject.org.yml
@@ -172,5 +172,13 @@
       owner=root
       group=copr
 
+  # open up ports (22, 80, 443)
+  - name: poke holes in the firewall
+    action: command lokkit $item
+    with_items:
+    - --service=ssh
+    - --service=https
+    - --service=http
+
   handlers:
   - include: $handlers/restart_services.yml
diff --git a/playbooks/hosts/copr-fe.cloud.fedoraproject.org.yml b/playbooks/hosts/copr-fe.cloud.fedoraproject.org.yml
index 6a77d82760..b812b7f26d 100644
--- a/playbooks/hosts/copr-fe.cloud.fedoraproject.org.yml
+++ b/playbooks/hosts/copr-fe.cloud.fedoraproject.org.yml
@@ -59,7 +59,15 @@
 
   - name: copy pg_hba.conf
     action: copy src=$files/copr/fe/pg/pg_hba.conf dest=/var/lib/pgsql/data/pg_hba.conf owner=postgres group=postgres mode=0600
-  
+
+  # open up ports (22, 80, 443)
+  - name: poke holes in the firewall
+    action: command lokkit $item
+    with_items:
+    - --service=ssh
+    - --service=https
+    - --service=http
+ 
   - name: enable services
     action: service state=running enabled=yes name=$item
     with_items: