README.mdwn: Remove Masons

These are obsolete, see: https://listmaster.pepperfish.net/pipermail/baserock-dev-baserock.org/2017-January/013765.html
author: Sam Thursfield <sam.thursfield@codethink.co.uk> 2017-07-12 16:35:34 +0100
committer: Sam Thursfield <sam.thursfield@codethink.co.uk> 2017-07-12 21:05:14 +0100
commit: cedd6a3e354d8dd032568bb42e0ad0973608afee (patch)
tree: cb74d024288d46bcf6807fa2fe81cfbfc24a1c10 /firewall.yaml
parent: d24309fcd82d5abe399ef1cb6b46e6e1802206b8 (diff)
download: infrastructure-cedd6a3e354d8dd032568bb42e0ad0973608afee.tar.gz
1 files changed, 0 insertions, 54 deletions
diff --git a/firewall.yaml b/firewall.yaml
index 64c9200c..6556a986 100644
--- a/firewall.yaml
+++ b/firewall.yaml
@@ -268,60 +268,6 @@
             protocol: tcp
             remote_ip_prefix: 192.168.222.0/24
 
-    - name: Mason x86 security group
-      neutron_sec_group:
-        name: mason-x86
-        description: Allow inbound HTTP and HTTPS, and cache server fetches from port 8080.
-        state: present
-
-        auth_url: "{{ ansible_env.OS_AUTH_URL }}"
-        login_username: "{{ ansible_env.OS_USERNAME }}"
-        login_password: "{{ ansible_env.OS_PASSWORD }}"
-        login_tenant_name: "{{ ansible_env.OS_TENANT_NAME }}"
-
-        rules:
-          # 80: HTTP
-          - direction: ingress
-            port_range_min: 80
-            port_range_max: 80
-            ethertype: IPv4
-            protocol: tcp
-            remote_ip_prefix: 0.0.0.0/0
-
-          # 443: HTTPS
-          - direction: ingress
-            port_range_min: 443
-            port_range_max: 443
-            ethertype: IPv4
-            protocol: tcp
-            remote_ip_prefix: 0.0.0.0/0
-
-          # 7878: morph distbuild controller port. This rule allows a devel
-          # system inside the Baserock cloud to use the Mason instances for
-          # distbuilding, which is useful when building a Baserock release
-          # among other things.
-          - direction: ingress
-            port_range_min: 7878
-            port_range_max: 7878
-            ethertype: IPv4
-            protocol: tcp
-            remote_ip_prefix: 192.168.222.0/24
-
-          # 8080: morph-cache-server server port. The x86 Masons use
-          # cache.baserock.org as the cache server for their distbuild
-          # networks. So cache.baserock.org needs to be able to connect to
-          # them on this port to fetch artifacts.
-          - direction: ingress
-            port_range_min: 8080
-            port_range_max: 8080
-            ethertype: IPv4
-            protocol: tcp
-            remote_ip_prefix: 185.43.218.0/0
-            # It'd be nice to limit access by security group, but it doesn't
-            # seem to actually work. Perhaps because we use external IP to
-            # access instead of internal IP.
-            #remote_group_id: "{{ default_group.sec_group.id }}"
-
     - name: shared-artifact-cache security group
       neutron_sec_group:
         name: shared-artifact-cache
author	Sam Thursfield <sam.thursfield@codethink.co.uk>	2017-07-12 16:35:34 +0100
committer	Sam Thursfield <sam.thursfield@codethink.co.uk>	2017-07-12 21:05:14 +0100
commit	cedd6a3e354d8dd032568bb42e0ad0973608afee (patch)
tree	cb74d024288d46bcf6807fa2fe81cfbfc24a1c10 /firewall.yaml
parent	d24309fcd82d5abe399ef1cb6b46e6e1802206b8 (diff)
download	infrastructure-cedd6a3e354d8dd032568bb42e0ad0973608afee.tar.gz