diff --git a/inventory/group_vars/value b/inventory/group_vars/value index 4ab69243d2..3db6be9ad8 100644 --- a/inventory/group_vars/value +++ b/inventory/group_vars/value @@ -7,13 +7,19 @@ num_cpus: 2 # for systems that do not match the above - specify the same parameter in # the host_vars/$hostname file -tcp_ports: [ 80, 443, 5050, +tcp_ports: [ 80, 443, # These 16 ports are used by fedmsg. One for each wsgi thread. 3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007, 3008, 3009, 3010, 3011, 3012, 3013, 3014, 3015] -# Needed for rsync from log01 for logs. -custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ] +custom_rules: [ + # Needed for rsync from log01 for logs. + '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', + '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT', + # Needed to let nagios on noc01 and noc02 pipe alerts to zodbot here + '-A INPUT -p tcp -m tcp -s 10.5.126.41 --dport 5050 -j ACCEPT', + '-A INPUT -p tcp -m tcp -s 152.19.134.192 --dport 5050 -j ACCEPT', +] fas_client_groups: sysadmin-noc,fi-apprentice,sysadmin-web,sysadmin-mote diff --git a/inventory/group_vars/value-stg b/inventory/group_vars/value-stg index 2e911d204c..7792551ec5 100644 --- a/inventory/group_vars/value-stg +++ b/inventory/group_vars/value-stg @@ -7,13 +7,19 @@ num_cpus: 2 # for systems that do not match the above - specify the same parameter in # the host_vars/$hostname file -tcp_ports: [ 80, 443, 5050, +tcp_ports: [ 80, 443, # These 16 ports are used by fedmsg. One for each wsgi thread. 3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007, 3008, 3009, 3010, 3011, 3012, 3013, 3014, 3015] -# Neeed for rsync from log01 for logs. -custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ] +custom_rules: [ + # Neeed for rsync from log01 for logs. + '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', + '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT', + # Needed to let nagios on noc01 and noc02 pipe alerts to zodbot here + '-A INPUT -p tcp -m tcp -s 10.5.126.41 --dport 5050 -j ACCEPT', + '-A INPUT -p tcp -m tcp -s 152.19.134.192 --dport 5050 -j ACCEPT', +] fas_client_groups: sysadmin-noc,fi-apprentice,sysadmin-web,sysadmin-mote