diff options
author | Pedro Alvarez <pedro.alvarez@codethink.co.uk> | 2017-10-24 11:30:10 +0100 |
---|---|---|
committer | Sam Thursfield <sam.thursfield@codethink.co.uk> | 2017-10-24 16:51:01 +0000 |
commit | 80788aafa54fb299b0b457a59038e9cd049ac0b6 (patch) | |
tree | 1346118891770ccb587435936abb706fd0969431 | |
parent | 94805485673f88abc4d48674725220df7f6111c8 (diff) | |
download | infrastructure-80788aafa54fb299b0b457a59038e9cd049ac0b6.tar.gz |
firewall: Add rules for haste server
-rw-r--r-- | README.md | 2 | ||||
-rw-r--r-- | firewall.yaml | 16 |
2 files changed, 17 insertions, 1 deletions
@@ -343,7 +343,7 @@ To deploy to production: --flavor 2C-8GB \ --image $fedora_image_id \ --nic "net-id=$network_id" \ - --security-groups default,web-server \ + --security-groups default,web-server,haste-server \ --user-data ./baserock-ops-team.cloud-config nova volume-attach webserver <volume-id> /dev/vdb diff --git a/firewall.yaml b/firewall.yaml index 7c863220..2ef201be 100644 --- a/firewall.yaml +++ b/firewall.yaml @@ -98,6 +98,22 @@ protocol: udp remote_ip_prefix: 0.0.0.0/0 + - name: haste-server security group + os_security_group: + name: haste-server + description: Allow incoming TCP requests for haste server + state: present + + - name: haste-server security group -- allow incoming TCP on port 7777 for Haste server + os_security_group_rule: + security_group: haste-server + direction: ingress + port_range_min: 7777 + port_range_max: 7777 + ethertype: IPv4 + protocol: tcp + remote_ip_prefix: 0.0.0.0/0 + - name: git-server security group os_security_group: name: git-server |