Muehlenhoff has uploaded a new change for review. (
https://gerrit.wikimedia.org/r/366519 )
Change subject: Restrict HTTP access in role::librenms
......................................................................
Restrict HTTP access in role::librenms
Served via Varnish, restricting to PRODUCTION_NETWORKS.
Change-Id: I612cb77f8fc983cbfff1e2fc2c46f94aaa751c3e
---
M modules/role/manifests/librenms.pp
1 file changed, 6 insertions(+), 4 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/operations/puppet
refs/changes/19/366519/1
diff --git a/modules/role/manifests/librenms.pp
b/modules/role/manifests/librenms.pp
index dcb0831..2b5f1cd 100644
--- a/modules/role/manifests/librenms.pp
+++ b/modules/role/manifests/librenms.pp
@@ -138,13 +138,15 @@
}
ferm::service { 'librenms-http':
- proto => 'tcp',
- port => '80',
+ proto => 'tcp',
+ port => '80',
+ srange => '$PRODUCTION_NETWORKS',
}
ferm::service { 'librenms-https':
- proto => 'tcp',
- port => '443',
+ proto => 'tcp',
+ port => '443',
+ srange => '$PRODUCTION_NETWORKS',
}
backup::set {'librenms': }
--
To view, visit https://gerrit.wikimedia.org/r/366519
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I612cb77f8fc983cbfff1e2fc2c46f94aaa751c3e
Gerrit-PatchSet: 1
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Muehlenhoff <mmuhlenh...@wikimedia.org>
_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
