Commit 3ba92f3b authored by Goh Choon Ming's avatar Goh Choon Ming

move ssh class declaration to an isolated profile

parent 58af2293
......@@ -11,8 +11,7 @@ class opstheater::profile::base {
}
# configure ssh
include ::ssh::client
include ::ssh::server
include opstheater::profile::ssh
# manage iptables rules
$manage_firewall = hiera('opstheater::manage_firewall', undef)
......
class opstheater::profile::ssh {
include ::ssh::server
include ::ssh::client
@@firewall { '010 allow SSH access':
chain => 'INPUT',
action => 'allow',
proto => 'tcp',
dport => '22',
source => hiera('opstheater::vpn_ip', '0.0.0.0'),
tag => 'opstheater',
}
}
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment