Defined Type: profile::mariadb::ferm_wikitech

Defined in:
modules/profile/manifests/mariadb/ferm_wikitech.pp

Overview

Firewall rules to allow wikitech hosts to access prod DBs

Ultimately wikitech will move to prod appservers at which point this can be ripped out.

Parameters:

  • port (Stdlib::Port) (defaults to: 3306)
  • labweb_hosts (Array[Stdlib::Fqdn]) (defaults to: lookup('profile::openstack::eqiad1::labweb_hosts')) 


5
6
7
8
9
10
11
12
13
14
15
16
 
# File 'modules/profile/manifests/mariadb/ferm_wikitech.pp', line 5

define profile::mariadb::ferm_wikitech(
    Stdlib::Port $port = 3306,
    Array[Stdlib::Fqdn] $labweb_hosts = lookup('profile::openstack::eqiad1::labweb_hosts'),  # lint:ignore:wmf_styleguide
    ) {

    ferm::service{ 'labweb':
        proto   => 'tcp',
        port    => $port,
        notrack => true,
        srange  => "@resolve((${labweb_hosts.join(' ')}))",
    }
}