--- Ferm::Service[rsyncd_access_doc_auth].orig
+++ Ferm::Service[rsyncd_access_doc_auth]
+ prio => 10
+ unrestricted_access => False
+ proto => tcp
+ ensure => present
+ desc =>
+ notrack => False
+ port => [873, 1873]
+ srange => ['gitlab-runner-1007.devtools.eqiad1.wikimedia.cloud', 'gitlab-runner-1008.devtools.eqiad1.wikimedia.cloud', 'gitlab-runner1002.eqiad.wmnet', 'gitlab-runner1003.eqiad.wmnet', 'gitlab-runner1004.eqiad.wmnet', 'gitlab-runner2002.codfw.wmnet', 'gitlab-runner2003.codfw.wmnet', 'gitlab-runner2004.codfw.wmnet', 'releases1003.eqiad.wmnet', 'releases2003.codfw.wmnet']
Ferm::Service[bacula_file_daemon_backup1014_eqiad_wmnet]
- Parameters differences:
--- Ferm::Service[bacula_file_daemon_backup1014_eqiad_wmnet].orig
+++ Ferm::Service[bacula_file_daemon_backup1014_eqiad_wmnet]
+ prio => 10
+ unrestricted_access => False
+ proto => tcp
+ ensure => present
+ desc =>
+ notrack => False
+ port => 9102
+ srange => ['backup1014.eqiad.wmnet']
- Ferm::Service[rsyncd_access_doc]
- Parameters differences:
--- Ferm::Service[rsyncd_access_doc].orig
+++ Ferm::Service[rsyncd_access_doc]
+ prio => 10
+ unrestricted_access => False
+ proto => tcp
+ ensure => present
+ desc =>
+ notrack => False
+ port => [873, 1873]
+ srange => ['contint1002.wikimedia.org', 'contint2002.wikimedia.org']
- Ferm::Service[ssh_from_cumin_masters]
- Parameters differences:
--- Ferm::Service[ssh_from_cumin_masters].orig
+++ Ferm::Service[ssh_from_cumin_masters]
+ prio => 10
+ unrestricted_access => False
+ proto => tcp
+ ensure => present
+ src_sets => ['CUMIN_MASTERS']
+ desc =>
+ notrack => False
+ port => 22
- Ferm::Service[full_monitoring_metrics_access_tcp]
- Parameters differences:
--- Ferm::Service[full_monitoring_metrics_access_tcp].orig
+++ Ferm::Service[full_monitoring_metrics_access_tcp]
+ prio => 10
+ unrestricted_access => False
+ proto => tcp
+ port_range => [1, 65535]
+ ensure => present
+ desc =>
+ notrack => False
+ srange => ['prometheus2005.codfw.wmnet', 'prometheus2006.codfw.wmnet', 'prometheus2007.codfw.wmnet', 'prometheus2008.codfw.wmnet', '208.80.154.78', '2620:0:861:3:208:80:154:78', '208.80.153.42', '2620:0:860:2:208:80:153:42']
- Ferm::Service[deployment_ssh]
- Parameters differences:
--- Ferm::Service[deployment_ssh].orig
+++ Ferm::Service[deployment_ssh]
+ prio => 10
+ unrestricted_access => False
+ proto => tcp
+ src_sets => ['DEPLOYMENT_HOSTS']
+ ensure => present
+ desc =>
+ notrack => False
+ port => 22
- Ferm::Service[envoy_tls_termination_src_sets]
- Parameters differences:
--- Ferm::Service[envoy_tls_termination_src_sets].orig
+++ Ferm::Service[envoy_tls_termination_src_sets]
+ prio => 10
+ unrestricted_access => False
+ proto => tcp
+ ensure => present
+ src_sets => ['CACHES']
+ notrack => True
+ desc =>
+ port => 443
- Ferm::Service[doc_http]
- Parameters differences:
--- Ferm::Service[doc_http].orig
+++ Ferm::Service[doc_http]
+ prio => 10
+ unrestricted_access => False
+ proto => tcp
+ ensure => present
+ src_sets => ['CACHES', 'DEPLOYMENT_HOSTS']
+ desc =>
+ notrack => False
+ port => 80
- Ferm::Service[ssh_from_bastion]
- Parameters differences:
--- Ferm::Service[ssh_from_bastion].orig
+++ Ferm::Service[ssh_from_bastion]
+ prio => 10
+ unrestricted_access => False
+ proto => tcp
+ ensure => present
+ desc =>
+ notrack => False
+ port => 22
+ srange => ['208.80.154.7', '2620:0:861:1:208:80:154:7', '208.80.153.110', '2a02:ec80:300:3:185:15:59:99', '185.15.59.99', '2620:0:860:4:208:80:153:110', '198.35.26.104', '2620:0:863:3:198:35:26:104', '103.102.166.103', '2001:df2:e500:3:103:102:166:103', '185.15.58.6', '2a02:ec80:600:1:185:15:58:6', '195.200.68.99', '2a02:ec80:700:3:195:200:68:99']