diff options
| author | varac <varacanero@zeromail.org> | 2013-02-06 23:34:29 +0100 |
|---|---|---|
| committer | varac <varacanero@zeromail.org> | 2013-02-06 23:34:29 +0100 |
| commit | 18a2f385ff1f56f493db5302f5ae51173a65cd86 (patch) | |
| tree | e843be263ad5d2e2d0bea8a44c342fd37e6b30de | |
| parent | 07afa7bd4c7dcb941e3984d4fccc1169baf03448 (diff) | |
configure shorewall for couchdb, tor, webapp
| -rw-r--r-- | puppet/modules/site_shorewall/manifests/couchdb.pp | 22 | ||||
| -rw-r--r-- | puppet/modules/site_shorewall/manifests/tor.pp | 23 | ||||
| -rw-r--r-- | puppet/modules/site_shorewall/manifests/webapp.pp | 13 |
3 files changed, 58 insertions, 0 deletions
diff --git a/puppet/modules/site_shorewall/manifests/couchdb.pp b/puppet/modules/site_shorewall/manifests/couchdb.pp new file mode 100644 index 00000000..1b7f791d --- /dev/null +++ b/puppet/modules/site_shorewall/manifests/couchdb.pp @@ -0,0 +1,22 @@ +class site_shorewall::couchdb { + + include site_shorewall::defaults + + $couchdb_port = '6984' + + # define macro for incoming services + file { '/etc/shorewall/macro.leap_couchdb': + content => "PARAM - - tcp $couchdb_port", + notify => Service['shorewall'] + } + + + shorewall::rule { + 'net2fw-couchdb': + source => 'net', + destination => '$FW', + action => 'leap_couchdb(ACCEPT)', + order => 200; + } + +} diff --git a/puppet/modules/site_shorewall/manifests/tor.pp b/puppet/modules/site_shorewall/manifests/tor.pp new file mode 100644 index 00000000..d04adeac --- /dev/null +++ b/puppet/modules/site_shorewall/manifests/tor.pp @@ -0,0 +1,23 @@ +class site_shorewall::tor { + + include site_shorewall::defaults + include site_shorewall::ip_forward + + $tor_port = '9001' + + # define macro for incoming services + file { '/etc/shorewall/macro.leap_tor': + content => "PARAM - - tcp $tor_port ", + notify => Service['shorewall'] + } + + + shorewall::rule { + 'net2fw-tor': + source => 'net', + destination => '$FW', + action => 'leap_tor(ACCEPT)', + order => 200; + } + +} diff --git a/puppet/modules/site_shorewall/manifests/webapp.pp b/puppet/modules/site_shorewall/manifests/webapp.pp new file mode 100644 index 00000000..ff9b7646 --- /dev/null +++ b/puppet/modules/site_shorewall/manifests/webapp.pp @@ -0,0 +1,13 @@ +class site_shorewall::webapp { + + include site_shorewall::defaults + + shorewall::rule { + 'net2fw-https': + source => 'net', + destination => '$FW', + action => 'HTTPS(ACCEPT)', + order => 200; + } + +} |