-if node[:git][:allowed_nodes]
- search(:node, node[:git][:allowed_nodes]).sort_by { |n| n[:fqdn] }.each do |n|
- n.interfaces(:role => :external).each do |interface|
- firewall_rule "accept-git" do
- action :accept
- family interface[:family]
- source "#{interface[:zone]}:#{interface[:address]}"
- dest "fw"
- proto "tcp:syn"
- dest_ports "git"
- source_ports "1024:"
- end
- end
- end
-else
- firewall_rule "accept-git" do
- action :accept
- source "net"
- dest "fw"
- proto "tcp:syn"
- dest_ports "git"
- source_ports "1024:"
- end
+directory "#{git_directory}/private" do
+ owner node[:git][:private_user]
+ group node[:git][:private_group]
+ mode 0o2775