From: Peter Palfrader <peter@palfrader.org>
Date: Sun, 22 Sep 2019 17:23:11 +0000 (+0200)
Subject: Our (DSA) home networks do not need to access rabbitmq services
X-Git-Url: https://wiki.adam-barratt.org.uk/gitweb/?a=commitdiff_plain;h=20ed04591aed4343ee7457336ae054bbb0343a87;p=mirror%2Fdsa-puppet.git

Our (DSA) home networks do not need to access rabbitmq services
---

diff --git a/modules/roles/manifests/pubsub.pp b/modules/roles/manifests/pubsub.pp
index 3eb02d064..c69c4d06e 100644
--- a/modules/roles/manifests/pubsub.pp
+++ b/modules/roles/manifests/pubsub.pp
@@ -40,17 +40,6 @@ class roles::pubsub {
 		rule        => '&SERVICE_RANGE(tcp, 5671, $HOST_DEBIAN_V6)'
 	}
 
-	ferm::rule { 'rabbitmq-adm':
-		description => 'rabbitmq connections',
-		rule        => '&SERVICE_RANGE(tcp, 5671, $DSA_IPS)'
-	}
-
-	ferm::rule { 'rabbitmq-v6-adm':
-		domain      => 'ip6',
-		description => 'rabbitmq connections',
-		rule        => '&SERVICE_RANGE(tcp, 5671, $DSA_V6_IPS)'
-	}
-
 	if $::hostname == $cc_master {
 		$you  = '5.153.231.15'
 		$you6 = '2001:41c8:1000:21::21:15'
@@ -69,13 +58,4 @@ class roles::pubsub {
 		description => 'rabbitmq cluster connections',
 		rule        => "proto tcp mod state state (NEW) saddr (${you6}) ACCEPT"
 	}
-	ferm::rule { 'rabbitmq_mgmt':
-		description => 'rabbitmq cluster connections',
-		rule        => '&SERVICE_RANGE(tcp, 15671, $DSA_IPS)'
-	}
-	ferm::rule { 'rabbitmq_mgmt_v6':
-		domain      => '(ip6)',
-		description => 'rabbitmq cluster connections',
-		rule        => '&SERVICE_RANGE(tcp, 15671, $DSA_V6_IPS)'
-	}
 }