diff options
author | Pedro Alvarez <pedro.alvarez@codethink.co.uk> | 2017-10-24 11:30:10 +0100 |
---|---|---|
committer | Pedro Alvarez <pedro.alvarez@codethink.co.uk> | 2017-10-24 11:30:41 +0100 |
commit | a20b28f796528fa5bb44083dda44639236bab1a2 (patch) | |
tree | 54f74c4cbd2754513abc6f3b9b4b3621a0412dd7 | |
parent | 9bf9242afff62ca2219f19422285fc7ca17aa308 (diff) | |
download | infrastructure-a20b28f796528fa5bb44083dda44639236bab1a2.tar.gz |
firewall: Add rules for haste server
-rw-r--r-- | README.md | 2 | ||||
-rw-r--r-- | firewall.yaml | 16 |
2 files changed, 17 insertions, 1 deletions
@@ -343,7 +343,7 @@ To deploy to production: --flavor 2C-8GB \ --image $fedora_image_id \ --nic "net-id=$network_id" \ - --security-groups default,web-server \ + --security-groups default,web-server,haste-server \ --user-data ./baserock-ops-team.cloud-config nova volume-attach webserver <volume-id> /dev/vdb diff --git a/firewall.yaml b/firewall.yaml index 714a5775..e70d6298 100644 --- a/firewall.yaml +++ b/firewall.yaml @@ -98,6 +98,22 @@ protocol: udp remote_ip_prefix: 0.0.0.0/0 + - name: haste-server security group + os_security_group: + name: haste-server + description: Allow incoming TCP requests for haste server + state: present + + - name: haste-server security group -- allow incoming TCP on port 7777 for Haste server + os_security_group_rule: + security_group: haste-server + direction: ingress + port_range_min: 7777 + port_range_max: 7777 + ethertype: IPv4 + protocol: tcp + remote_ip_prefix: 0.0.0.0/0 + - name: git-server security group os_security_group: name: git-server |