diff options
author | Sam Thursfield <sam.thursfield@codethink.co.uk> | 2017-07-13 16:51:15 +0100 |
---|---|---|
committer | Sam Thursfield <sam.thursfield@codethink.co.uk> | 2017-07-13 16:57:36 +0100 |
commit | 3c981269ffd0796930572f38b2358b13c8243d6b (patch) | |
tree | 9f6c66ba91136a0bb35904c5684323291401ff7a | |
parent | c87270a48f7fe97bb26b538215e7ad96ffd449e2 (diff) | |
download | infrastructure-3c981269ffd0796930572f38b2358b13c8243d6b.tar.gz |
firewall.yml: Open morph-cache-server port on git-server security group
This is used by YBD for resolving remote Git commit SHA1s to tree SHA1s.
Previously the port was opened by the shared-artifact-cache security
group, but it no longer is.
-rw-r--r-- | firewall.yaml | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/firewall.yaml b/firewall.yaml index c468755b..5b5b7166 100644 --- a/firewall.yaml +++ b/firewall.yaml @@ -173,7 +173,7 @@ - name: git-server security group os_security_group: name: git-server - description: Allow inbound SSH, HTTP, HTTPS and Git. + description: Allow inbound SSH, HTTP, HTTPS, Git, and morph-cache-server requests. state: present - name: git-server security group -- allow incoming TCP on port 22 for Git-over-SSH @@ -206,6 +206,16 @@ protocol: tcp remote_ip_prefix: 0.0.0.0/0 + - name: git-server security group -- allow incoming TCP on port 8080 for morph-cache-server protocol + os_security_group_rule: + security_group: git-server + direction: ingress + port_range_min: 8080 + port_range_max: 8080 + ethertype: IPv4 + protocol: tcp + remote_ip_prefix: 0.0.0.0/0 + - name: git-server security group -- allow incoming TCP on port 9418 for git protocol os_security_group_rule: security_group: git-server |