Restrict 5050 to noc01 and noc02.

Ralph Bean 2015-11-22 02:30:55 +00:00
parent d977e90e6c
commit fe9d322805
2 changed files with 18 additions and 6 deletions


@ -7,13 +7,19 @@ num_cpus: 2
# for systems that do not match the above - specify the same parameter in # for systems that do not match the above - specify the same parameter in
# the host_vars/$hostname file # the host_vars/$hostname file
tcp_ports: [ 80, 443, 5050, tcp_ports: [ 80, 443,
# These 16 ports are used by fedmsg. One for each wsgi thread. # These 16 ports are used by fedmsg. One for each wsgi thread.
3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007, 3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007,
3008, 3009, 3010, 3011, 3012, 3013, 3014, 3015] 3008, 3009, 3010, 3011, 3012, 3013, 3014, 3015]
# Needed for rsync from log01 for logs. custom_rules: [
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ] # Needed for rsync from log01 for logs.
'-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT',
'-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT',
# Needed to let nagios on noc01 and noc02 pipe alerts to zodbot here
'-A INPUT -p tcp -m tcp -s 10.5.126.41 --dport 5050 -j ACCEPT',
'-A INPUT -p tcp -m tcp -s 152.19.134.192 --dport 5050 -j ACCEPT',
]
fas_client_groups: sysadmin-noc,fi-apprentice,sysadmin-web,sysadmin-mote fas_client_groups: sysadmin-noc,fi-apprentice,sysadmin-web,sysadmin-mote
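Review bot: The two new `--dport 5050` rules identify noc01 and noc02 only by literal source address under one shared comment, so a reader cannot tell which address belongs to which host, and the same pair is repeated in the second file section of this commit. A trailing comment on each rule naming its host (for example `# noc01` on the matching line), or one shared variable holding both addresses that the two files reference, would keep the allow-list from drifting if a monitoring host is renumbered; a stale entry would leave port 5050 open to whatever later takes that address. The restriction also only holds if the firewall template applies `custom_rules` ahead of a default reject and nothing else re-opens 5050, which is not visible in this hunk and is worth confirming.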


@ -7,13 +7,19 @@ num_cpus: 2
# for systems that do not match the above - specify the same parameter in # for systems that do not match the above - specify the same parameter in
# the host_vars/$hostname file # the host_vars/$hostname file
tcp_ports: [ 80, 443, 5050, tcp_ports: [ 80, 443,
# These 16 ports are used by fedmsg. One for each wsgi thread. # These 16 ports are used by fedmsg. One for each wsgi thread.
3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007, 3000, 3001, 3002, 3003, 3004, 3005, 3006, 3007,
3008, 3009, 3010, 3011, 3012, 3013, 3014, 3015] 3008, 3009, 3010, 3011, 3012, 3013, 3014, 3015]
# Neeed for rsync from log01 for logs. custom_rules: [
custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ] # Neeed for rsync from log01 for logs.
'-A INPUT -p tcp -m tcp -s 10.5.126.13 --dport 873 -j ACCEPT',
'-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT',
# Needed to let nagios on noc01 and noc02 pipe alerts to zodbot here
'-A INPUT -p tcp -m tcp -s 10.5.126.41 --dport 5050 -j ACCEPT',
'-A INPUT -p tcp -m tcp -s 152.19.134.192 --dport 5050 -j ACCEPT',
]
fas_client_groups: sysadmin-noc,fi-apprentice,sysadmin-web,sysadmin-mote fas_client_groups: sysadmin-noc,fi-apprentice,sysadmin-web,sysadmin-mote
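Review bot: The relocated comment in this file still reads `# Neeed for rsync from log01 for logs.`; since the line is being moved anyway, it could be corrected to `# Needed for rsync from log01 for logs.` to match the other file. The comment names only log01 while two source addresses follow in the port 873 rules. If both belong to log01 (presumably on different networks), saying so in the comment would make the allow-list easier to audit.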