{"host": "backup2020.codfw.wmnet", "state": "core_diff", "description": "Differences to core resources", "diff": {"full": {"total": 2982, "only_in_self": [], "only_in_other": [], "resource_diffs": [{"resource": "Nftables::Service[versitygw-objectstorage01-mediabackup-workers]", "parameters": "--- Nftables::Service[versitygw-objectstorage01-mediabackup-workers].orig\n+++ Nftables::Service[versitygw-objectstorage01-mediabackup-workers]\n\n@@\n-    src_ips => ['10.192.12.6', '10.192.32.47', '10.192.48.42', '10.192.8.7', '2620:0:860:103:10:192:32:47', '2620:0:860:104:10:192:48:42', '2620:0:860:109:10:192:8:7', '2620:0:860:10d:10:192:12:6']\n+    src_ips => ['10.192.12.6', '10.192.8.7', '2620:0:860:109:10:192:8:7', '2620:0:860:10d:10:192:12:6']\n"}, {"resource": "Firewall::Service[versitygw-objectstorage01-mediabackup-workers]", "parameters": "--- Firewall::Service[versitygw-objectstorage01-mediabackup-workers].orig\n+++ Firewall::Service[versitygw-objectstorage01-mediabackup-workers]\n\n@@\n-    srange => ['ms-backup2001.codfw.wmnet', 'ms-backup2002.codfw.wmnet', 'ms-backup2003.codfw.wmnet', 'ms-backup2004.codfw.wmnet']\n+    srange => ['ms-backup2003.codfw.wmnet', 'ms-backup2004.codfw.wmnet']\n"}, {"resource": "File[/etc/nftables/notrack/10_versitygw-objectstorage03-mediabackup-workers.nft]", "content": "--- /etc/nftables/notrack/10_versitygw-objectstorage03-mediabackup-workers.nft.orig\n+++ /etc/nftables/notrack/10_versitygw-objectstorage03-mediabackup-workers.nft\n@@ -1,4 +1,4 @@\n # Managed by puppet\n # \n-ip saddr { 10.192.12.6, 10.192.32.47, 10.192.48.42, 10.192.8.7 } tcp dport { 9003 } notrack\n-ip6 saddr { 2620:0:860:103:10:192:32:47, 2620:0:860:104:10:192:48:42, 2620:0:860:109:10:192:8:7, 2620:0:860:10d:10:192:12:6 } tcp dport { 9003 } notrack\n+ip saddr { 10.192.12.6, 10.192.8.7 } tcp dport { 9003 } notrack\n+ip6 saddr { 2620:0:860:109:10:192:8:7, 2620:0:860:10d:10:192:12:6 } tcp dport { 9003 } notrack"}, {"resource": "File[/etc/nftables/input/10_versitygw-objectstorage01-mediabackup-workers.nft]", "content": "--- /etc/nftables/input/10_versitygw-objectstorage01-mediabackup-workers.nft.orig\n+++ /etc/nftables/input/10_versitygw-objectstorage01-mediabackup-workers.nft\n@@ -1,4 +1,4 @@\n # Managed by puppet\n # \n-ip saddr { 10.192.12.6, 10.192.32.47, 10.192.48.42, 10.192.8.7 } tcp dport { 9001 } accept\n-ip6 saddr { 2620:0:860:103:10:192:32:47, 2620:0:860:104:10:192:48:42, 2620:0:860:109:10:192:8:7, 2620:0:860:10d:10:192:12:6 } tcp dport { 9001 } accept\n+ip saddr { 10.192.12.6, 10.192.8.7 } tcp dport { 9001 } accept\n+ip6 saddr { 2620:0:860:109:10:192:8:7, 2620:0:860:10d:10:192:12:6 } tcp dport { 9001 } accept"}, {"resource": "File[/etc/nftables/notrack/10_versitygw-objectstorage02-mediabackup-workers.nft]", "content": "--- /etc/nftables/notrack/10_versitygw-objectstorage02-mediabackup-workers.nft.orig\n+++ /etc/nftables/notrack/10_versitygw-objectstorage02-mediabackup-workers.nft\n@@ -1,4 +1,4 @@\n # Managed by puppet\n # \n-ip saddr { 10.192.12.6, 10.192.32.47, 10.192.48.42, 10.192.8.7 } tcp dport { 9002 } notrack\n-ip6 saddr { 2620:0:860:103:10:192:32:47, 2620:0:860:104:10:192:48:42, 2620:0:860:109:10:192:8:7, 2620:0:860:10d:10:192:12:6 } tcp dport { 9002 } notrack\n+ip saddr { 10.192.12.6, 10.192.8.7 } tcp dport { 9002 } notrack\n+ip6 saddr { 2620:0:860:109:10:192:8:7, 2620:0:860:10d:10:192:12:6 } tcp dport { 9002 } notrack"}, {"resource": "Nftables::Service[versitygw-objectstorage03-mediabackup-workers]", "parameters": "--- Nftables::Service[versitygw-objectstorage03-mediabackup-workers].orig\n+++ Nftables::Service[versitygw-objectstorage03-mediabackup-workers]\n\n@@\n-    src_ips => ['10.192.12.6', '10.192.32.47', '10.192.48.42', '10.192.8.7', '2620:0:860:103:10:192:32:47', '2620:0:860:104:10:192:48:42', '2620:0:860:109:10:192:8:7', '2620:0:860:10d:10:192:12:6']\n+    src_ips => ['10.192.12.6', '10.192.8.7', '2620:0:860:109:10:192:8:7', '2620:0:860:10d:10:192:12:6']\n"}, {"resource": "Class[Profile::Mediabackup::New_storage]", "parameters": "--- Class[Profile::Mediabackup::New_storage].orig\n+++ Class[Profile::Mediabackup::New_storage]\n\n@@\n-    mediabackup_config => {'mw_db_password': 'notsecret', 'db_password': 'notsecret', 'storage_root_user': 'auser', 'storage_root_password': 'dummypassword', 'encryption_key': '# created: 2021-11-29T11:50:16+01:00\\n# public key: public\\nAGE-SECRET-KEY-private\"\\n', 'access_key': 's3user', 'secret_key': 's3key', 'recovery_access_key': 's3userForFileRestores', 'recovery_secret_key': 's3keyForFileRestores', 'batchsize': 100, 'dblists_path': '/srv/mediawiki-config/dblists', 'mw_db_config_file': '/etc/mediabackup/mw_db.ini', 'db_config_file': '/etc/mediabackup/mediabackups_db.ini', 'storage_path': '/srv/objectstorage', 'storage_port': 9000, 'console_port': 9001, 'sections': {'s1': {'host': 'db2141.codfw.wmnet', 'port': 3311}, 's2': {'host': 'db2197.codfw.wmnet', 'port': 3312}, 's3': {'host': 'db2239.codfw.wmnet', 'port': 3313}, 's4': {'host': 'db2199.codfw.wmnet', 'port': 3314}, 's5': {'host': 'db2201.codfw.wmnet', 'port': 3315}, 's6': {'host': 'db2197.codfw.wmnet', 'port': 3316}, 's7': {'host': 'db2198.codfw.wmnet', 'port': 3317}, 's8': {'host': 'db2198.codfw.wmnet', 'port': 3318}}, 'mw_db_user': 'mediabackup', 'db_host': 'db2183.codfw.wmnet', 'db_port': 3306, 'db_user': 'mediabackup', 'db_schema': 'mediabackups', 'worker_hosts': ['ms-backup2001.codfw.wmnet', 'ms-backup2002.codfw.wmnet', 'ms-backup2003.codfw.wmnet', 'ms-backup2004.codfw.wmnet'], 'storage_hosts': ['backup2004.codfw.wmnet:9000', 'backup2005.codfw.wmnet:9000', 'backup2006.codfw.wmnet:9000', 'backup2007.codfw.wmnet:9000', 'backup2011.codfw.wmnet:9000', 'backup2010.codfw.wmnet:9000', 'backup2015.codfw.wmnet:9000', 'backup2015.codfw.wmnet:9001', 'backup2015.codfw.wmnet:9002', 'backup2015.codfw.wmnet:9003', 'backup2016.codfw.wmnet:9000', 'backup2016.codfw.wmnet:9001', 'backup2016.codfw.wmnet:9002', 'backup2016.codfw.wmnet:9003', 'backup2017.codfw.wmnet:9000', 'backup2017.codfw.wmnet:9001', 'backup2017.codfw.wmnet:9002', 'backup2017.codfw.wmnet:9003', 'backup2018.codfw.wmnet:9000', 'backup2018.codfw.wmnet:9001', 'backup2018.codfw.wmnet:9002', 'backup2018.codfw.wmnet:9003', 'backup2019.codfw.wmnet:9000', 'backup2019.codfw.wmnet:9001', 'backup2019.codfw.wmnet:9002', 'backup2019.codfw.wmnet:9003', 'backup2020.codfw.wmnet:9000', 'backup2020.codfw.wmnet:9001', 'backup2020.codfw.wmnet:9002', 'backup2020.codfw.wmnet:9003']}\n+    mediabackup_config => {'mw_db_password': 'notsecret', 'db_password': 'notsecret', 'storage_root_user': 'auser', 'storage_root_password': 'dummypassword', 'encryption_key': '# created: 2021-11-29T11:50:16+01:00\\n# public key: public\\nAGE-SECRET-KEY-private\"\\n', 'access_key': 's3user', 'secret_key': 's3key', 'recovery_access_key': 's3userForFileRestores', 'recovery_secret_key': 's3keyForFileRestores', 'batchsize': 100, 'dblists_path': '/srv/mediawiki-config/dblists', 'mw_db_config_file': '/etc/mediabackup/mw_db.ini', 'db_config_file': '/etc/mediabackup/mediabackups_db.ini', 'storage_path': '/srv/objectstorage', 'storage_port': 9000, 'console_port': 9001, 'sections': {'s1': {'host': 'db2141.codfw.wmnet', 'port': 3311}, 's2': {'host': 'db2197.codfw.wmnet', 'port': 3312}, 's3': {'host': 'db2239.codfw.wmnet', 'port': 3313}, 's4': {'host': 'db2199.codfw.wmnet', 'port': 3314}, 's5': {'host': 'db2201.codfw.wmnet', 'port': 3315}, 's6': {'host': 'db2197.codfw.wmnet', 'port': 3316}, 's7': {'host': 'db2198.codfw.wmnet', 'port': 3317}, 's8': {'host': 'db2198.codfw.wmnet', 'port': 3318}}, 'mw_db_user': 'mediabackup', 'db_host': 'db2183.codfw.wmnet', 'db_port': 3306, 'db_user': 'mediabackup', 'db_schema': 'mediabackups', 'worker_hosts': ['ms-backup2003.codfw.wmnet', 'ms-backup2004.codfw.wmnet'], 'storage_hosts': ['backup2004.codfw.wmnet:9000', 'backup2005.codfw.wmnet:9000', 'backup2006.codfw.wmnet:9000', 'backup2007.codfw.wmnet:9000', 'backup2011.codfw.wmnet:9000', 'backup2010.codfw.wmnet:9000', 'backup2015.codfw.wmnet:9000', 'backup2015.codfw.wmnet:9001', 'backup2015.codfw.wmnet:9002', 'backup2015.codfw.wmnet:9003', 'backup2016.codfw.wmnet:9000', 'backup2016.codfw.wmnet:9001', 'backup2016.codfw.wmnet:9002', 'backup2016.codfw.wmnet:9003', 'backup2017.codfw.wmnet:9000', 'backup2017.codfw.wmnet:9001', 'backup2017.codfw.wmnet:9002', 'backup2017.codfw.wmnet:9003', 'backup2018.codfw.wmnet:9000', 'backup2018.codfw.wmnet:9001', 'backup2018.codfw.wmnet:9002', 'backup2018.codfw.wmnet:9003', 'backup2019.codfw.wmnet:9000', 'backup2019.codfw.wmnet:9001', 'backup2019.codfw.wmnet:9002', 'backup2019.codfw.wmnet:9003', 'backup2020.codfw.wmnet:9000', 'backup2020.codfw.wmnet:9001', 'backup2020.codfw.wmnet:9002', 'backup2020.codfw.wmnet:9003']}\n"}, {"resource": "Firewall::Service[versitygw-objectstorage02-mediabackup-workers]", "parameters": "--- Firewall::Service[versitygw-objectstorage02-mediabackup-workers].orig\n+++ Firewall::Service[versitygw-objectstorage02-mediabackup-workers]\n\n@@\n-    srange => ['ms-backup2001.codfw.wmnet', 'ms-backup2002.codfw.wmnet', 'ms-backup2003.codfw.wmnet', 'ms-backup2004.codfw.wmnet']\n+    srange => ['ms-backup2003.codfw.wmnet', 'ms-backup2004.codfw.wmnet']\n"}, {"resource": "File[/etc/nftables/notrack/10_versitygw-objectstorage01-mediabackup-workers.nft]", "content": "--- /etc/nftables/notrack/10_versitygw-objectstorage01-mediabackup-workers.nft.orig\n+++ /etc/nftables/notrack/10_versitygw-objectstorage01-mediabackup-workers.nft\n@@ -1,4 +1,4 @@\n # Managed by puppet\n # \n-ip saddr { 10.192.12.6, 10.192.32.47, 10.192.48.42, 10.192.8.7 } tcp dport { 9001 } notrack\n-ip6 saddr { 2620:0:860:103:10:192:32:47, 2620:0:860:104:10:192:48:42, 2620:0:860:109:10:192:8:7, 2620:0:860:10d:10:192:12:6 } tcp dport { 9001 } notrack\n+ip saddr { 10.192.12.6, 10.192.8.7 } tcp dport { 9001 } notrack\n+ip6 saddr { 2620:0:860:109:10:192:8:7, 2620:0:860:10d:10:192:12:6 } tcp dport { 9001 } notrack"}, {"resource": "Firewall::Service[versitygw-objectstorage00-mediabackup-workers]", "parameters": "--- Firewall::Service[versitygw-objectstorage00-mediabackup-workers].orig\n+++ Firewall::Service[versitygw-objectstorage00-mediabackup-workers]\n\n@@\n-    srange => ['ms-backup2001.codfw.wmnet', 'ms-backup2002.codfw.wmnet', 'ms-backup2003.codfw.wmnet', 'ms-backup2004.codfw.wmnet']\n+    srange => ['ms-backup2003.codfw.wmnet', 'ms-backup2004.codfw.wmnet']\n"}, {"resource": "File[/etc/nftables/notrack/10_versitygw-objectstorage00-mediabackup-workers.nft]", "content": "--- /etc/nftables/notrack/10_versitygw-objectstorage00-mediabackup-workers.nft.orig\n+++ /etc/nftables/notrack/10_versitygw-objectstorage00-mediabackup-workers.nft\n@@ -1,4 +1,4 @@\n # Managed by puppet\n # \n-ip saddr { 10.192.12.6, 10.192.32.47, 10.192.48.42, 10.192.8.7 } tcp dport { 9000 } notrack\n-ip6 saddr { 2620:0:860:103:10:192:32:47, 2620:0:860:104:10:192:48:42, 2620:0:860:109:10:192:8:7, 2620:0:860:10d:10:192:12:6 } tcp dport { 9000 } notrack\n+ip saddr { 10.192.12.6, 10.192.8.7 } tcp dport { 9000 } notrack\n+ip6 saddr { 2620:0:860:109:10:192:8:7, 2620:0:860:10d:10:192:12:6 } tcp dport { 9000 } notrack"}, {"resource": "Nftables::Service[versitygw-objectstorage02-mediabackup-workers]", "parameters": "--- Nftables::Service[versitygw-objectstorage02-mediabackup-workers].orig\n+++ Nftables::Service[versitygw-objectstorage02-mediabackup-workers]\n\n@@\n-    src_ips => ['10.192.12.6', '10.192.32.47', '10.192.48.42', '10.192.8.7', '2620:0:860:103:10:192:32:47', '2620:0:860:104:10:192:48:42', '2620:0:860:109:10:192:8:7', '2620:0:860:10d:10:192:12:6']\n+    src_ips => ['10.192.12.6', '10.192.8.7', '2620:0:860:109:10:192:8:7', '2620:0:860:10d:10:192:12:6']\n"}, {"resource": "File[/etc/nftables/input/10_versitygw-objectstorage03-mediabackup-workers.nft]", "content": "--- /etc/nftables/input/10_versitygw-objectstorage03-mediabackup-workers.nft.orig\n+++ /etc/nftables/input/10_versitygw-objectstorage03-mediabackup-workers.nft\n@@ -1,4 +1,4 @@\n # Managed by puppet\n # \n-ip saddr { 10.192.12.6, 10.192.32.47, 10.192.48.42, 10.192.8.7 } tcp dport { 9003 } accept\n-ip6 saddr { 2620:0:860:103:10:192:32:47, 2620:0:860:104:10:192:48:42, 2620:0:860:109:10:192:8:7, 2620:0:860:10d:10:192:12:6 } tcp dport { 9003 } accept\n+ip saddr { 10.192.12.6, 10.192.8.7 } tcp dport { 9003 } accept\n+ip6 saddr { 2620:0:860:109:10:192:8:7, 2620:0:860:10d:10:192:12:6 } tcp dport { 9003 } accept"}, {"resource": "File[/etc/nftables/input/10_versitygw-objectstorage02-mediabackup-workers.nft]", "content": "--- /etc/nftables/input/10_versitygw-objectstorage02-mediabackup-workers.nft.orig\n+++ /etc/nftables/input/10_versitygw-objectstorage02-mediabackup-workers.nft\n@@ -1,4 +1,4 @@\n # Managed by puppet\n # \n-ip saddr { 10.192.12.6, 10.192.32.47, 10.192.48.42, 10.192.8.7 } tcp dport { 9002 } accept\n-ip6 saddr { 2620:0:860:103:10:192:32:47, 2620:0:860:104:10:192:48:42, 2620:0:860:109:10:192:8:7, 2620:0:860:10d:10:192:12:6 } tcp dport { 9002 } accept\n+ip saddr { 10.192.12.6, 10.192.8.7 } tcp dport { 9002 } accept\n+ip6 saddr { 2620:0:860:109:10:192:8:7, 2620:0:860:10d:10:192:12:6 } tcp dport { 9002 } accept"}, {"resource": "Firewall::Service[versitygw-objectstorage03-mediabackup-workers]", "parameters": "--- Firewall::Service[versitygw-objectstorage03-mediabackup-workers].orig\n+++ Firewall::Service[versitygw-objectstorage03-mediabackup-workers]\n\n@@\n-    srange => ['ms-backup2001.codfw.wmnet', 'ms-backup2002.codfw.wmnet', 'ms-backup2003.codfw.wmnet', 'ms-backup2004.codfw.wmnet']\n+    srange => ['ms-backup2003.codfw.wmnet', 'ms-backup2004.codfw.wmnet']\n"}, {"resource": "File[/etc/nftables/input/10_versitygw-objectstorage00-mediabackup-workers.nft]", "content": "--- /etc/nftables/input/10_versitygw-objectstorage00-mediabackup-workers.nft.orig\n+++ /etc/nftables/input/10_versitygw-objectstorage00-mediabackup-workers.nft\n@@ -1,4 +1,4 @@\n # Managed by puppet\n # \n-ip saddr { 10.192.12.6, 10.192.32.47, 10.192.48.42, 10.192.8.7 } tcp dport { 9000 } accept\n-ip6 saddr { 2620:0:860:103:10:192:32:47, 2620:0:860:104:10:192:48:42, 2620:0:860:109:10:192:8:7, 2620:0:860:10d:10:192:12:6 } tcp dport { 9000 } accept\n+ip saddr { 10.192.12.6, 10.192.8.7 } tcp dport { 9000 } accept\n+ip6 saddr { 2620:0:860:109:10:192:8:7, 2620:0:860:10d:10:192:12:6 } tcp dport { 9000 } accept"}, {"resource": "Nftables::Service[versitygw-objectstorage00-mediabackup-workers]", "parameters": "--- Nftables::Service[versitygw-objectstorage00-mediabackup-workers].orig\n+++ Nftables::Service[versitygw-objectstorage00-mediabackup-workers]\n\n@@\n-    src_ips => ['10.192.12.6', '10.192.32.47', '10.192.48.42', '10.192.8.7', '2620:0:860:103:10:192:32:47', '2620:0:860:104:10:192:48:42', '2620:0:860:109:10:192:8:7', '2620:0:860:10d:10:192:12:6']\n+    src_ips => ['10.192.12.6', '10.192.8.7', '2620:0:860:109:10:192:8:7', '2620:0:860:10d:10:192:12:6']\n"}], "perc_changed": "0.57%"}, "core": {"total": 2982, "only_in_self": [], "only_in_other": [], "resource_diffs": [{"resource": "File[/etc/nftables/notrack/10_versitygw-objectstorage00-mediabackup-workers.nft]", "content": "--- /etc/nftables/notrack/10_versitygw-objectstorage00-mediabackup-workers.nft.orig\n+++ /etc/nftables/notrack/10_versitygw-objectstorage00-mediabackup-workers.nft\n@@ -1,4 +1,4 @@\n # Managed by puppet\n # \n-ip saddr { 10.192.12.6, 10.192.32.47, 10.192.48.42, 10.192.8.7 } tcp dport { 9000 } notrack\n-ip6 saddr { 2620:0:860:103:10:192:32:47, 2620:0:860:104:10:192:48:42, 2620:0:860:109:10:192:8:7, 2620:0:860:10d:10:192:12:6 } tcp dport { 9000 } notrack\n+ip saddr { 10.192.12.6, 10.192.8.7 } tcp dport { 9000 } notrack\n+ip6 saddr { 2620:0:860:109:10:192:8:7, 2620:0:860:10d:10:192:12:6 } tcp dport { 9000 } notrack"}, {"resource": "File[/etc/nftables/notrack/10_versitygw-objectstorage03-mediabackup-workers.nft]", "content": "--- /etc/nftables/notrack/10_versitygw-objectstorage03-mediabackup-workers.nft.orig\n+++ /etc/nftables/notrack/10_versitygw-objectstorage03-mediabackup-workers.nft\n@@ -1,4 +1,4 @@\n # Managed by puppet\n # \n-ip saddr { 10.192.12.6, 10.192.32.47, 10.192.48.42, 10.192.8.7 } tcp dport { 9003 } notrack\n-ip6 saddr { 2620:0:860:103:10:192:32:47, 2620:0:860:104:10:192:48:42, 2620:0:860:109:10:192:8:7, 2620:0:860:10d:10:192:12:6 } tcp dport { 9003 } notrack\n+ip saddr { 10.192.12.6, 10.192.8.7 } tcp dport { 9003 } notrack\n+ip6 saddr { 2620:0:860:109:10:192:8:7, 2620:0:860:10d:10:192:12:6 } tcp dport { 9003 } notrack"}, {"resource": "File[/etc/nftables/input/10_versitygw-objectstorage01-mediabackup-workers.nft]", "content": "--- /etc/nftables/input/10_versitygw-objectstorage01-mediabackup-workers.nft.orig\n+++ /etc/nftables/input/10_versitygw-objectstorage01-mediabackup-workers.nft\n@@ -1,4 +1,4 @@\n # Managed by puppet\n # \n-ip saddr { 10.192.12.6, 10.192.32.47, 10.192.48.42, 10.192.8.7 } tcp dport { 9001 } accept\n-ip6 saddr { 2620:0:860:103:10:192:32:47, 2620:0:860:104:10:192:48:42, 2620:0:860:109:10:192:8:7, 2620:0:860:10d:10:192:12:6 } tcp dport { 9001 } accept\n+ip saddr { 10.192.12.6, 10.192.8.7 } tcp dport { 9001 } accept\n+ip6 saddr { 2620:0:860:109:10:192:8:7, 2620:0:860:10d:10:192:12:6 } tcp dport { 9001 } accept"}, {"resource": "File[/etc/nftables/notrack/10_versitygw-objectstorage02-mediabackup-workers.nft]", "content": "--- /etc/nftables/notrack/10_versitygw-objectstorage02-mediabackup-workers.nft.orig\n+++ /etc/nftables/notrack/10_versitygw-objectstorage02-mediabackup-workers.nft\n@@ -1,4 +1,4 @@\n # Managed by puppet\n # \n-ip saddr { 10.192.12.6, 10.192.32.47, 10.192.48.42, 10.192.8.7 } tcp dport { 9002 } notrack\n-ip6 saddr { 2620:0:860:103:10:192:32:47, 2620:0:860:104:10:192:48:42, 2620:0:860:109:10:192:8:7, 2620:0:860:10d:10:192:12:6 } tcp dport { 9002 } notrack\n+ip saddr { 10.192.12.6, 10.192.8.7 } tcp dport { 9002 } notrack\n+ip6 saddr { 2620:0:860:109:10:192:8:7, 2620:0:860:10d:10:192:12:6 } tcp dport { 9002 } notrack"}, {"resource": "File[/etc/nftables/input/10_versitygw-objectstorage03-mediabackup-workers.nft]", "content": "--- /etc/nftables/input/10_versitygw-objectstorage03-mediabackup-workers.nft.orig\n+++ /etc/nftables/input/10_versitygw-objectstorage03-mediabackup-workers.nft\n@@ -1,4 +1,4 @@\n # Managed by puppet\n # \n-ip saddr { 10.192.12.6, 10.192.32.47, 10.192.48.42, 10.192.8.7 } tcp dport { 9003 } accept\n-ip6 saddr { 2620:0:860:103:10:192:32:47, 2620:0:860:104:10:192:48:42, 2620:0:860:109:10:192:8:7, 2620:0:860:10d:10:192:12:6 } tcp dport { 9003 } accept\n+ip saddr { 10.192.12.6, 10.192.8.7 } tcp dport { 9003 } accept\n+ip6 saddr { 2620:0:860:109:10:192:8:7, 2620:0:860:10d:10:192:12:6 } tcp dport { 9003 } accept"}, {"resource": "File[/etc/nftables/input/10_versitygw-objectstorage02-mediabackup-workers.nft]", "content": "--- /etc/nftables/input/10_versitygw-objectstorage02-mediabackup-workers.nft.orig\n+++ /etc/nftables/input/10_versitygw-objectstorage02-mediabackup-workers.nft\n@@ -1,4 +1,4 @@\n # Managed by puppet\n # \n-ip saddr { 10.192.12.6, 10.192.32.47, 10.192.48.42, 10.192.8.7 } tcp dport { 9002 } accept\n-ip6 saddr { 2620:0:860:103:10:192:32:47, 2620:0:860:104:10:192:48:42, 2620:0:860:109:10:192:8:7, 2620:0:860:10d:10:192:12:6 } tcp dport { 9002 } accept\n+ip saddr { 10.192.12.6, 10.192.8.7 } tcp dport { 9002 } accept\n+ip6 saddr { 2620:0:860:109:10:192:8:7, 2620:0:860:10d:10:192:12:6 } tcp dport { 9002 } accept"}, {"resource": "File[/etc/nftables/input/10_versitygw-objectstorage00-mediabackup-workers.nft]", "content": "--- /etc/nftables/input/10_versitygw-objectstorage00-mediabackup-workers.nft.orig\n+++ /etc/nftables/input/10_versitygw-objectstorage00-mediabackup-workers.nft\n@@ -1,4 +1,4 @@\n # Managed by puppet\n # \n-ip saddr { 10.192.12.6, 10.192.32.47, 10.192.48.42, 10.192.8.7 } tcp dport { 9000 } accept\n-ip6 saddr { 2620:0:860:103:10:192:32:47, 2620:0:860:104:10:192:48:42, 2620:0:860:109:10:192:8:7, 2620:0:860:10d:10:192:12:6 } tcp dport { 9000 } accept\n+ip saddr { 10.192.12.6, 10.192.8.7 } tcp dport { 9000 } accept\n+ip6 saddr { 2620:0:860:109:10:192:8:7, 2620:0:860:10d:10:192:12:6 } tcp dport { 9000 } accept"}, {"resource": "File[/etc/nftables/notrack/10_versitygw-objectstorage01-mediabackup-workers.nft]", "content": "--- /etc/nftables/notrack/10_versitygw-objectstorage01-mediabackup-workers.nft.orig\n+++ /etc/nftables/notrack/10_versitygw-objectstorage01-mediabackup-workers.nft\n@@ -1,4 +1,4 @@\n # Managed by puppet\n # \n-ip saddr { 10.192.12.6, 10.192.32.47, 10.192.48.42, 10.192.8.7 } tcp dport { 9001 } notrack\n-ip6 saddr { 2620:0:860:103:10:192:32:47, 2620:0:860:104:10:192:48:42, 2620:0:860:109:10:192:8:7, 2620:0:860:10d:10:192:12:6 } tcp dport { 9001 } notrack\n+ip saddr { 10.192.12.6, 10.192.8.7 } tcp dport { 9001 } notrack\n+ip6 saddr { 2620:0:860:109:10:192:8:7, 2620:0:860:10d:10:192:12:6 } tcp dport { 9001 } notrack"}], "perc_changed": "0.27%"}, "main": {"total": 2982, "only_in_self": [], "only_in_other": [], "resource_diffs": [{"resource": "File[/etc/nftables/notrack/10_versitygw-objectstorage00-mediabackup-workers.nft]", "content": "--- /etc/nftables/notrack/10_versitygw-objectstorage00-mediabackup-workers.nft.orig\n+++ /etc/nftables/notrack/10_versitygw-objectstorage00-mediabackup-workers.nft\n@@ -1,4 +1,4 @@\n # Managed by puppet\n # \n-ip saddr { 10.192.12.6, 10.192.32.47, 10.192.48.42, 10.192.8.7 } tcp dport { 9000 } notrack\n-ip6 saddr { 2620:0:860:103:10:192:32:47, 2620:0:860:104:10:192:48:42, 2620:0:860:109:10:192:8:7, 2620:0:860:10d:10:192:12:6 } tcp dport { 9000 } notrack\n+ip saddr { 10.192.12.6, 10.192.8.7 } tcp dport { 9000 } notrack\n+ip6 saddr { 2620:0:860:109:10:192:8:7, 2620:0:860:10d:10:192:12:6 } tcp dport { 9000 } notrack"}, {"resource": "Nftables::Service[versitygw-objectstorage01-mediabackup-workers]", "parameters": "--- Nftables::Service[versitygw-objectstorage01-mediabackup-workers].orig\n+++ Nftables::Service[versitygw-objectstorage01-mediabackup-workers]\n\n@@\n-    src_ips => ['10.192.12.6', '10.192.32.47', '10.192.48.42', '10.192.8.7', '2620:0:860:103:10:192:32:47', '2620:0:860:104:10:192:48:42', '2620:0:860:109:10:192:8:7', '2620:0:860:10d:10:192:12:6']\n+    src_ips => ['10.192.12.6', '10.192.8.7', '2620:0:860:109:10:192:8:7', '2620:0:860:10d:10:192:12:6']\n"}, {"resource": "Firewall::Service[versitygw-objectstorage01-mediabackup-workers]", "parameters": "--- Firewall::Service[versitygw-objectstorage01-mediabackup-workers].orig\n+++ Firewall::Service[versitygw-objectstorage01-mediabackup-workers]\n\n@@\n-    srange => ['ms-backup2001.codfw.wmnet', 'ms-backup2002.codfw.wmnet', 'ms-backup2003.codfw.wmnet', 'ms-backup2004.codfw.wmnet']\n+    srange => ['ms-backup2003.codfw.wmnet', 'ms-backup2004.codfw.wmnet']\n"}, {"resource": "File[/etc/nftables/notrack/10_versitygw-objectstorage03-mediabackup-workers.nft]", "content": "--- /etc/nftables/notrack/10_versitygw-objectstorage03-mediabackup-workers.nft.orig\n+++ /etc/nftables/notrack/10_versitygw-objectstorage03-mediabackup-workers.nft\n@@ -1,4 +1,4 @@\n # Managed by puppet\n # \n-ip saddr { 10.192.12.6, 10.192.32.47, 10.192.48.42, 10.192.8.7 } tcp dport { 9003 } notrack\n-ip6 saddr { 2620:0:860:103:10:192:32:47, 2620:0:860:104:10:192:48:42, 2620:0:860:109:10:192:8:7, 2620:0:860:10d:10:192:12:6 } tcp dport { 9003 } notrack\n+ip saddr { 10.192.12.6, 10.192.8.7 } tcp dport { 9003 } notrack\n+ip6 saddr { 2620:0:860:109:10:192:8:7, 2620:0:860:10d:10:192:12:6 } tcp dport { 9003 } notrack"}, {"resource": "File[/etc/nftables/input/10_versitygw-objectstorage01-mediabackup-workers.nft]", "content": "--- /etc/nftables/input/10_versitygw-objectstorage01-mediabackup-workers.nft.orig\n+++ /etc/nftables/input/10_versitygw-objectstorage01-mediabackup-workers.nft\n@@ -1,4 +1,4 @@\n # Managed by puppet\n # \n-ip saddr { 10.192.12.6, 10.192.32.47, 10.192.48.42, 10.192.8.7 } tcp dport { 9001 } accept\n-ip6 saddr { 2620:0:860:103:10:192:32:47, 2620:0:860:104:10:192:48:42, 2620:0:860:109:10:192:8:7, 2620:0:860:10d:10:192:12:6 } tcp dport { 9001 } accept\n+ip saddr { 10.192.12.6, 10.192.8.7 } tcp dport { 9001 } accept\n+ip6 saddr { 2620:0:860:109:10:192:8:7, 2620:0:860:10d:10:192:12:6 } tcp dport { 9001 } accept"}, {"resource": "File[/etc/nftables/notrack/10_versitygw-objectstorage02-mediabackup-workers.nft]", "content": "--- /etc/nftables/notrack/10_versitygw-objectstorage02-mediabackup-workers.nft.orig\n+++ /etc/nftables/notrack/10_versitygw-objectstorage02-mediabackup-workers.nft\n@@ -1,4 +1,4 @@\n # Managed by puppet\n # \n-ip saddr { 10.192.12.6, 10.192.32.47, 10.192.48.42, 10.192.8.7 } tcp dport { 9002 } notrack\n-ip6 saddr { 2620:0:860:103:10:192:32:47, 2620:0:860:104:10:192:48:42, 2620:0:860:109:10:192:8:7, 2620:0:860:10d:10:192:12:6 } tcp dport { 9002 } notrack\n+ip saddr { 10.192.12.6, 10.192.8.7 } tcp dport { 9002 } notrack\n+ip6 saddr { 2620:0:860:109:10:192:8:7, 2620:0:860:10d:10:192:12:6 } tcp dport { 9002 } notrack"}, {"resource": "Nftables::Service[versitygw-objectstorage02-mediabackup-workers]", "parameters": "--- Nftables::Service[versitygw-objectstorage02-mediabackup-workers].orig\n+++ Nftables::Service[versitygw-objectstorage02-mediabackup-workers]\n\n@@\n-    src_ips => ['10.192.12.6', '10.192.32.47', '10.192.48.42', '10.192.8.7', '2620:0:860:103:10:192:32:47', '2620:0:860:104:10:192:48:42', '2620:0:860:109:10:192:8:7', '2620:0:860:10d:10:192:12:6']\n+    src_ips => ['10.192.12.6', '10.192.8.7', '2620:0:860:109:10:192:8:7', '2620:0:860:10d:10:192:12:6']\n"}, {"resource": "Nftables::Service[versitygw-objectstorage03-mediabackup-workers]", "parameters": "--- Nftables::Service[versitygw-objectstorage03-mediabackup-workers].orig\n+++ Nftables::Service[versitygw-objectstorage03-mediabackup-workers]\n\n@@\n-    src_ips => ['10.192.12.6', '10.192.32.47', '10.192.48.42', '10.192.8.7', '2620:0:860:103:10:192:32:47', '2620:0:860:104:10:192:48:42', '2620:0:860:109:10:192:8:7', '2620:0:860:10d:10:192:12:6']\n+    src_ips => ['10.192.12.6', '10.192.8.7', '2620:0:860:109:10:192:8:7', '2620:0:860:10d:10:192:12:6']\n"}, {"resource": "File[/etc/nftables/input/10_versitygw-objectstorage03-mediabackup-workers.nft]", "content": "--- /etc/nftables/input/10_versitygw-objectstorage03-mediabackup-workers.nft.orig\n+++ /etc/nftables/input/10_versitygw-objectstorage03-mediabackup-workers.nft\n@@ -1,4 +1,4 @@\n # Managed by puppet\n # \n-ip saddr { 10.192.12.6, 10.192.32.47, 10.192.48.42, 10.192.8.7 } tcp dport { 9003 } accept\n-ip6 saddr { 2620:0:860:103:10:192:32:47, 2620:0:860:104:10:192:48:42, 2620:0:860:109:10:192:8:7, 2620:0:860:10d:10:192:12:6 } tcp dport { 9003 } accept\n+ip saddr { 10.192.12.6, 10.192.8.7 } tcp dport { 9003 } accept\n+ip6 saddr { 2620:0:860:109:10:192:8:7, 2620:0:860:10d:10:192:12:6 } tcp dport { 9003 } accept"}, {"resource": "File[/etc/nftables/input/10_versitygw-objectstorage02-mediabackup-workers.nft]", "content": "--- /etc/nftables/input/10_versitygw-objectstorage02-mediabackup-workers.nft.orig\n+++ /etc/nftables/input/10_versitygw-objectstorage02-mediabackup-workers.nft\n@@ -1,4 +1,4 @@\n # Managed by puppet\n # \n-ip saddr { 10.192.12.6, 10.192.32.47, 10.192.48.42, 10.192.8.7 } tcp dport { 9002 } accept\n-ip6 saddr { 2620:0:860:103:10:192:32:47, 2620:0:860:104:10:192:48:42, 2620:0:860:109:10:192:8:7, 2620:0:860:10d:10:192:12:6 } tcp dport { 9002 } accept\n+ip saddr { 10.192.12.6, 10.192.8.7 } tcp dport { 9002 } accept\n+ip6 saddr { 2620:0:860:109:10:192:8:7, 2620:0:860:10d:10:192:12:6 } tcp dport { 9002 } accept"}, {"resource": "Firewall::Service[versitygw-objectstorage03-mediabackup-workers]", "parameters": "--- Firewall::Service[versitygw-objectstorage03-mediabackup-workers].orig\n+++ Firewall::Service[versitygw-objectstorage03-mediabackup-workers]\n\n@@\n-    srange => ['ms-backup2001.codfw.wmnet', 'ms-backup2002.codfw.wmnet', 'ms-backup2003.codfw.wmnet', 'ms-backup2004.codfw.wmnet']\n+    srange => ['ms-backup2003.codfw.wmnet', 'ms-backup2004.codfw.wmnet']\n"}, {"resource": "Class[Profile::Mediabackup::New_storage]", "parameters": "--- Class[Profile::Mediabackup::New_storage].orig\n+++ Class[Profile::Mediabackup::New_storage]\n\n@@\n-    mediabackup_config => {'mw_db_password': 'notsecret', 'db_password': 'notsecret', 'storage_root_user': 'auser', 'storage_root_password': 'dummypassword', 'encryption_key': '# created: 2021-11-29T11:50:16+01:00\\n# public key: public\\nAGE-SECRET-KEY-private\"\\n', 'access_key': 's3user', 'secret_key': 's3key', 'recovery_access_key': 's3userForFileRestores', 'recovery_secret_key': 's3keyForFileRestores', 'batchsize': 100, 'dblists_path': '/srv/mediawiki-config/dblists', 'mw_db_config_file': '/etc/mediabackup/mw_db.ini', 'db_config_file': '/etc/mediabackup/mediabackups_db.ini', 'storage_path': '/srv/objectstorage', 'storage_port': 9000, 'console_port': 9001, 'sections': {'s1': {'host': 'db2141.codfw.wmnet', 'port': 3311}, 's2': {'host': 'db2197.codfw.wmnet', 'port': 3312}, 's3': {'host': 'db2239.codfw.wmnet', 'port': 3313}, 's4': {'host': 'db2199.codfw.wmnet', 'port': 3314}, 's5': {'host': 'db2201.codfw.wmnet', 'port': 3315}, 's6': {'host': 'db2197.codfw.wmnet', 'port': 3316}, 's7': {'host': 'db2198.codfw.wmnet', 'port': 3317}, 's8': {'host': 'db2198.codfw.wmnet', 'port': 3318}}, 'mw_db_user': 'mediabackup', 'db_host': 'db2183.codfw.wmnet', 'db_port': 3306, 'db_user': 'mediabackup', 'db_schema': 'mediabackups', 'worker_hosts': ['ms-backup2001.codfw.wmnet', 'ms-backup2002.codfw.wmnet', 'ms-backup2003.codfw.wmnet', 'ms-backup2004.codfw.wmnet'], 'storage_hosts': ['backup2004.codfw.wmnet:9000', 'backup2005.codfw.wmnet:9000', 'backup2006.codfw.wmnet:9000', 'backup2007.codfw.wmnet:9000', 'backup2011.codfw.wmnet:9000', 'backup2010.codfw.wmnet:9000', 'backup2015.codfw.wmnet:9000', 'backup2015.codfw.wmnet:9001', 'backup2015.codfw.wmnet:9002', 'backup2015.codfw.wmnet:9003', 'backup2016.codfw.wmnet:9000', 'backup2016.codfw.wmnet:9001', 'backup2016.codfw.wmnet:9002', 'backup2016.codfw.wmnet:9003', 'backup2017.codfw.wmnet:9000', 'backup2017.codfw.wmnet:9001', 'backup2017.codfw.wmnet:9002', 'backup2017.codfw.wmnet:9003', 'backup2018.codfw.wmnet:9000', 'backup2018.codfw.wmnet:9001', 'backup2018.codfw.wmnet:9002', 'backup2018.codfw.wmnet:9003', 'backup2019.codfw.wmnet:9000', 'backup2019.codfw.wmnet:9001', 'backup2019.codfw.wmnet:9002', 'backup2019.codfw.wmnet:9003', 'backup2020.codfw.wmnet:9000', 'backup2020.codfw.wmnet:9001', 'backup2020.codfw.wmnet:9002', 'backup2020.codfw.wmnet:9003']}\n+    mediabackup_config => {'mw_db_password': 'notsecret', 'db_password': 'notsecret', 'storage_root_user': 'auser', 'storage_root_password': 'dummypassword', 'encryption_key': '# created: 2021-11-29T11:50:16+01:00\\n# public key: public\\nAGE-SECRET-KEY-private\"\\n', 'access_key': 's3user', 'secret_key': 's3key', 'recovery_access_key': 's3userForFileRestores', 'recovery_secret_key': 's3keyForFileRestores', 'batchsize': 100, 'dblists_path': '/srv/mediawiki-config/dblists', 'mw_db_config_file': '/etc/mediabackup/mw_db.ini', 'db_config_file': '/etc/mediabackup/mediabackups_db.ini', 'storage_path': '/srv/objectstorage', 'storage_port': 9000, 'console_port': 9001, 'sections': {'s1': {'host': 'db2141.codfw.wmnet', 'port': 3311}, 's2': {'host': 'db2197.codfw.wmnet', 'port': 3312}, 's3': {'host': 'db2239.codfw.wmnet', 'port': 3313}, 's4': {'host': 'db2199.codfw.wmnet', 'port': 3314}, 's5': {'host': 'db2201.codfw.wmnet', 'port': 3315}, 's6': {'host': 'db2197.codfw.wmnet', 'port': 3316}, 's7': {'host': 'db2198.codfw.wmnet', 'port': 3317}, 's8': {'host': 'db2198.codfw.wmnet', 'port': 3318}}, 'mw_db_user': 'mediabackup', 'db_host': 'db2183.codfw.wmnet', 'db_port': 3306, 'db_user': 'mediabackup', 'db_schema': 'mediabackups', 'worker_hosts': ['ms-backup2003.codfw.wmnet', 'ms-backup2004.codfw.wmnet'], 'storage_hosts': ['backup2004.codfw.wmnet:9000', 'backup2005.codfw.wmnet:9000', 'backup2006.codfw.wmnet:9000', 'backup2007.codfw.wmnet:9000', 'backup2011.codfw.wmnet:9000', 'backup2010.codfw.wmnet:9000', 'backup2015.codfw.wmnet:9000', 'backup2015.codfw.wmnet:9001', 'backup2015.codfw.wmnet:9002', 'backup2015.codfw.wmnet:9003', 'backup2016.codfw.wmnet:9000', 'backup2016.codfw.wmnet:9001', 'backup2016.codfw.wmnet:9002', 'backup2016.codfw.wmnet:9003', 'backup2017.codfw.wmnet:9000', 'backup2017.codfw.wmnet:9001', 'backup2017.codfw.wmnet:9002', 'backup2017.codfw.wmnet:9003', 'backup2018.codfw.wmnet:9000', 'backup2018.codfw.wmnet:9001', 'backup2018.codfw.wmnet:9002', 'backup2018.codfw.wmnet:9003', 'backup2019.codfw.wmnet:9000', 'backup2019.codfw.wmnet:9001', 'backup2019.codfw.wmnet:9002', 'backup2019.codfw.wmnet:9003', 'backup2020.codfw.wmnet:9000', 'backup2020.codfw.wmnet:9001', 'backup2020.codfw.wmnet:9002', 'backup2020.codfw.wmnet:9003']}\n"}, {"resource": "File[/etc/nftables/input/10_versitygw-objectstorage00-mediabackup-workers.nft]", "content": "--- /etc/nftables/input/10_versitygw-objectstorage00-mediabackup-workers.nft.orig\n+++ /etc/nftables/input/10_versitygw-objectstorage00-mediabackup-workers.nft\n@@ -1,4 +1,4 @@\n # Managed by puppet\n # \n-ip saddr { 10.192.12.6, 10.192.32.47, 10.192.48.42, 10.192.8.7 } tcp dport { 9000 } accept\n-ip6 saddr { 2620:0:860:103:10:192:32:47, 2620:0:860:104:10:192:48:42, 2620:0:860:109:10:192:8:7, 2620:0:860:10d:10:192:12:6 } tcp dport { 9000 } accept\n+ip saddr { 10.192.12.6, 10.192.8.7 } tcp dport { 9000 } accept\n+ip6 saddr { 2620:0:860:109:10:192:8:7, 2620:0:860:10d:10:192:12:6 } tcp dport { 9000 } accept"}, {"resource": "Nftables::Service[versitygw-objectstorage00-mediabackup-workers]", "parameters": "--- Nftables::Service[versitygw-objectstorage00-mediabackup-workers].orig\n+++ Nftables::Service[versitygw-objectstorage00-mediabackup-workers]\n\n@@\n-    src_ips => ['10.192.12.6', '10.192.32.47', '10.192.48.42', '10.192.8.7', '2620:0:860:103:10:192:32:47', '2620:0:860:104:10:192:48:42', '2620:0:860:109:10:192:8:7', '2620:0:860:10d:10:192:12:6']\n+    src_ips => ['10.192.12.6', '10.192.8.7', '2620:0:860:109:10:192:8:7', '2620:0:860:10d:10:192:12:6']\n"}, {"resource": "Firewall::Service[versitygw-objectstorage02-mediabackup-workers]", "parameters": "--- Firewall::Service[versitygw-objectstorage02-mediabackup-workers].orig\n+++ Firewall::Service[versitygw-objectstorage02-mediabackup-workers]\n\n@@\n-    srange => ['ms-backup2001.codfw.wmnet', 'ms-backup2002.codfw.wmnet', 'ms-backup2003.codfw.wmnet', 'ms-backup2004.codfw.wmnet']\n+    srange => ['ms-backup2003.codfw.wmnet', 'ms-backup2004.codfw.wmnet']\n"}, {"resource": "File[/etc/nftables/notrack/10_versitygw-objectstorage01-mediabackup-workers.nft]", "content": "--- /etc/nftables/notrack/10_versitygw-objectstorage01-mediabackup-workers.nft.orig\n+++ /etc/nftables/notrack/10_versitygw-objectstorage01-mediabackup-workers.nft\n@@ -1,4 +1,4 @@\n # Managed by puppet\n # \n-ip saddr { 10.192.12.6, 10.192.32.47, 10.192.48.42, 10.192.8.7 } tcp dport { 9001 } notrack\n-ip6 saddr { 2620:0:860:103:10:192:32:47, 2620:0:860:104:10:192:48:42, 2620:0:860:109:10:192:8:7, 2620:0:860:10d:10:192:12:6 } tcp dport { 9001 } notrack\n+ip saddr { 10.192.12.6, 10.192.8.7 } tcp dport { 9001 } notrack\n+ip6 saddr { 2620:0:860:109:10:192:8:7, 2620:0:860:10d:10:192:12:6 } tcp dport { 9001 } notrack"}, {"resource": "Firewall::Service[versitygw-objectstorage00-mediabackup-workers]", "parameters": "--- Firewall::Service[versitygw-objectstorage00-mediabackup-workers].orig\n+++ Firewall::Service[versitygw-objectstorage00-mediabackup-workers]\n\n@@\n-    srange => ['ms-backup2001.codfw.wmnet', 'ms-backup2002.codfw.wmnet', 'ms-backup2003.codfw.wmnet', 'ms-backup2004.codfw.wmnet']\n+    srange => ['ms-backup2003.codfw.wmnet', 'ms-backup2004.codfw.wmnet']\n"}], "perc_changed": "0.57%"}}}