- create classes for each class of in/out traffic - use hier_include to add firewall rules to each role
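# @summary Allow outbound PostgreSQL traffic (TCP 5432) to the members of a named nftables set.
#
# Declares a single nftables::rule whose content accepts TCP packets with
# destination port 5432 when the destination address is a member of the set
# named by $ipset. `ip daddr` matches IPv4 destinations only, so this rule
# does not cover IPv6. The set itself is not created here; it has to be
# defined elsewhere, otherwise the generated ruleset refers to an unknown set.
#
# @param ipset
#   Name of the nftables set that holds the permitted destination addresses.
#   The value is interpolated verbatim into the rule text, so it is limited to
#   a plain identifier: an empty string, whitespace or extra tokens coming from
#   Hiera would otherwise produce a malformed or silently altered egress rule.
#   NOTE(review): the default 'sql_galera' on a PostgreSQL rule looks inherited
#   from a Galera/MySQL rule. Confirm that this set really contains the
#   PostgreSQL servers, or egress on 5432 is granted to the wrong hosts.
class firewall::rules::out::postgres (
  Pattern[/\A[A-Za-z_][A-Za-z0-9_.-]*\z/] $ipset = 'sql_galera',
) {
  # NOTE(review): the 'default_out-' prefix presumably selects the output chain
  # in the nftables module's rule naming; verify against the module in use.
  nftables::rule { 'default_out-postgres_tcp_5432':
    content => "tcp dport 5432 ip daddr @${ipset} accept",
  }
}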