Confirmed users
120
edits
ReleaseEngineering/PuppetAgain/Modules/fw: Difference between revisions
ReleaseEngineering/PuppetAgain/Modules/fw (view source)
Revision as of 19:41, 8 August 2017
, 8 August 2017no edit summary
(Initial pass at fw module documentation) |
mNo edit summary |
||
| Line 4: | Line 4: | ||
=== Defining ports and protocols for applications === | === Defining ports and protocols for applications === | ||
Each application must be defined in the '''$app_proto_port''' hash within the [https://hg.mozilla.org/build/puppet/file/tip/modules/fw/manifests/apps.pp apps.pp manifest]. | Each application must be defined in the '''$app_proto_port''' hash within the [https://hg.mozilla.org/build/puppet/file/tip/modules/fw/manifests/apps.pp apps.pp manifest].<br /> | ||
For example: | For example: | ||
'http' => { proto => 'tcp', port => '80' }, | 'http' => { proto => 'tcp', port => '80' }, | ||
| Line 11: | Line 11: | ||
=== Defining hosts and networks === | === Defining hosts and networks === | ||
All sources should be defined within the networks.pp manifest. All variables defined here are arrays even if it is a single element array. | All sources should be defined within the [https://hg.mozilla.org/build/puppet/file/tip/modules/fw/manifests/networks.pp networks.pp manifest]. All variables defined here are arrays even if it is a single element array.<br /> | ||
Valid sources are: | Valid sources are: | ||
* CIDR blocks | * Network CIDR blocks eg. [ '10.26.52.110/22' ] | ||
* Single IP CIDR blocks | * Single IP CIDR blocks [ '10.22.8.114/32' ] | ||
You can also nest arrays within arrays: | |||
$rejh = [ $scl3_rejh, $mdc1_rejh ] | |||
=== Roles === | === Roles === | ||