Dzahn has uploaded a new change for review.
https://gerrit.wikimedia.org/r/169561
Change subject: webserver - replace firewall rules with ferm
......................................................................
webserver - replace firewall rules with ferm
use the ferm classes for firewalling, like we do
in other places, do not use the older firewall
class anymore, so eventually we can delete misc/firewall.pp
Change-Id: I72ad0e33f7f06d4c98bd28129d63d409bb2d0f2c
---
M modules/webserver/manifests/static.pp
1 file changed, 6 insertions(+), 5 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/operations/puppet
refs/changes/61/169561/1
diff --git a/modules/webserver/manifests/static.pp
b/modules/webserver/manifests/static.pp
index a66e2a9..c7cc139 100644
--- a/modules/webserver/manifests/static.pp
+++ b/modules/webserver/manifests/static.pp
@@ -2,7 +2,6 @@
# with default config, which serves /var/www
class webserver::static {
include webserver::sysctl_settings
- include firewall
#TODO: declare this class as incompatible with the other webserver classes.
@@ -27,11 +26,13 @@
}
# Firewall
- firewall::open_port { "http-${::hostname}":
- port => 80,
+ ferm::service { "http-${::hostname}":
+ proto => 'tcp',
+ port => 80,
}
- firewall::open_port { "https-${::hostname}":
- port => 443,
+ ferm::service { "https-${::hostname}":
+ proto => 'tcp',
+ port => 443,
}
}
--
To view, visit https://gerrit.wikimedia.org/r/169561
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I72ad0e33f7f06d4c98bd28129d63d409bb2d0f2c
Gerrit-PatchSet: 1
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Dzahn <dz...@wikimedia.org>
_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
