-template "/etc/gitweb.conf" do
- source "gitweb.conf.erb"
- owner "root"
- group "root"
- mode 0644
-end
-
-apache_site node[:git][:host] do
- template "apache.erb"
- directory git_directory
-end
-
-template "#{git_directory}/robots.txt" do
- source "robots.txt.erb"
- owner "root"
- group "root"
- mode 0644
-end
-
-firewall_rule "accept-git" do
- action :accept
- source "net"
- dest "fw"
- proto "tcp:syn"
- dest_ports "git"
- source_ports "1024:"
+if node[:git][:allowed_nodes]
+ search(:node, node[:git][:allowed_nodes]).sort_by { |n| n[:fqdn] }.each do |n|
+ n.interfaces(:role => :external).each do |interface|
+ firewall_rule "accept-git" do
+ action :accept
+ family interface[:family]
+ source "#{interface[:zone]}:#{interface[:address]}"
+ dest "fw"
+ proto "tcp:syn"
+ dest_ports "git"
+ source_ports "1024:"
+ end
+ end
+ end
+else
+ firewall_rule "accept-git" do
+ action :accept
+ source "net"
+ dest "fw"
+ proto "tcp:syn"
+ dest_ports "git"
+ source_ports "1024:"
+ end