infrastructure/ansible
1
0
Fork 0
Code Pull requests 7 Activity Actions

cut down the list of hosts external

Browse source
This commit is contained in:
Stephen Smoogen 2017-06-23 19:19:18 +00:00
parent af85868526
commit 06be05edfb
2 changed files with 18 additions and 24 deletions
Download patch file Download diff file Expand all files Collapse all files

39
inventory/group_vars/nagios-new
View file

@ -165,36 +165,27 @@ phx2_management_slowping:
- ppc8-03-fsp.mgmt.fedoraproject.org - ppc8-03-fsp.mgmt.fedoraproject.org
phx2_external: phx2_external:
- admin.stg.fedoraproject.org
- autoqa.fedoraproject.org
- bastion-comm01.fedoraproject.org
- bastion01.fedoraproject.org - bastion01.fedoraproject.org
- bastion02.fedoraproject.org - bastion02.fedoraproject.org
- pkgs.fedoraproject.org
- stg.fedoraproject.org
- puppet.fedoraproject.org
- koji.fedoraproject.org
- secondary1.fedoraproject.org
- autoqa-stg.fedoraproject.org
- kojipkgs.fedoraproject.org
- pkgs.stg.fedoraproject.org
- bastion-comm01.fedoraproject.org
- admin.stg.fedoraproject.org
- proxy10.fedoraproject.org
- proxy01.fedoraproject.org
- ns04.fedoraproject.org
- koji.stg.fedoraproject.org
- dl01.fedoraproject.org - dl01.fedoraproject.org
- dl02.fedoraproject.org - dl02.fedoraproject.org
- dl03.fedoraproject.org - dl03.fedoraproject.org
- dl04.fedoraproject.org - dl04.fedoraproject.org
- dl05.fedoraproject.org - dl05.fedoraproject.org
- koji.fedoraproject.org
- koji.stg.fedoraproject.org
- kojipkgs.fedoraproject.org
- ns04.fedoraproject.org
- pkgs.fedoraproject.org
- pkgs01.stg.fedoraproject.org
- proxy01.fedoraproject.org
- proxy10.fedoraproject.org
- puppet.fedoraproject.org
- retrace01.fedoraproject.org - retrace01.fedoraproject.org
- autoqa.fedoraproject.org
- qadevel.fedoraproject.org
- fas.fedoraproject.org
- ppc-composer.qa.fedoraproject.org
- retrace02.fedoraproject.org - retrace02.fedoraproject.org
- noc01.fedoraproject.org - secondary01.fedoraproject.org
- beaker.fedoraproject.org - secondarykoji.fedoraproject.org
- master.centos.org - stg.fedoraproject.org
- qadevel-stg.fedoraproject.org
- qadevel-stg.qa.fedoraproject.org
- centos02-phx.centos.org

3
roles/base/templates/iptables/ip6tables
View file

@ -27,6 +27,9 @@
# allow ssh - always # allow ssh - always
-A INPUT -m conntrack --ctstate NEW -m tcp -p tcp --dport 22 -j ACCEPT -A INPUT -m conntrack --ctstate NEW -m tcp -p tcp --dport 22 -j ACCEPT
# for nrpe (if we want noc02 to be able to get into remote systems)
#-A INPUT -p tcp -m tcp --dport 5666 -s 2610:28:3090:3001:dead:beef:cafe:fed9 -j ACCEPT
# if the host/group defines incoming tcp_ports - allow them # if the host/group defines incoming tcp_ports - allow them
{% if tcp_ports is defined %} {% if tcp_ports is defined %}
{% for port in tcp_ports %} {% for port in tcp_ports %}