]> git.openstreetmap.org Git - chef.git/blobdiff - cookbooks/networking/recipes/default.rb
projects / chef.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Touch XML files to reflect date of original RRD file. Don't run dump in parallel...
[chef.git] / cookbooks / networking / recipes / default.rb
diff --git a/cookbooks/networking/recipes/default.rb b/cookbooks/networking/recipes/default.rb
index 2f2812aa9cb4e01d20f84d659a701e86ea755aab..16dd48269c87b18b091abd3f43fb4a1ada5c2dda 100644 (file)
--- a/cookbooks/networking/recipes/default.rb
+++ b/cookbooks/networking/recipes/default.rb
@@ -30,18 +30,18 @@ node[:networking][:interfaces].each do |name, interface|
 
   if interface[:role] && (role = node[:networking][:roles][interface[:role]])
     if role[interface[:family]]
-      node.set[:networking][:interfaces][name][:prefix] = role[interface[:family]][:prefix]
-      node.set[:networking][:interfaces][name][:gateway] = role[interface[:family]][:gateway]
+      node.normal[:networking][:interfaces][name][:prefix] = role[interface[:family]][:prefix]
+      node.normal[:networking][:interfaces][name][:gateway] = role[interface[:family]][:gateway]
     end
 
-    node.set[:networking][:interfaces][name][:metric] = role[:metric]
-    node.set[:networking][:interfaces][name][:zone] = role[:zone]
+    node.normal[:networking][:interfaces][name][:metric] = role[:metric]
+    node.normal[:networking][:interfaces][name][:zone] = role[:zone]
   end
 
   prefix = node[:networking][:interfaces][name][:prefix]
 
-  node.set[:networking][:interfaces][name][:netmask] = (~IPAddr.new(interface[:address]).mask(0)).mask(prefix)
-  node.set[:networking][:interfaces][name][:network] = IPAddr.new(interface[:address]).mask(prefix)
+  node.normal[:networking][:interfaces][name][:netmask] = (~IPAddr.new(interface[:address]).mask(0)).mask(prefix)
+  node.normal[:networking][:interfaces][name][:network] = IPAddr.new(interface[:address]).mask(prefix)
 end
 
 package network_packages
@@ -188,7 +188,7 @@ template "/etc/shorewall/rules" do
   owner "root"
   group "root"
   mode 0o644
-  variables :rules => []
+  variables :family => "inet"
   notifies :restart, "service[shorewall]"
 end
 
@@ -301,7 +301,7 @@ unless node.interfaces(:family => :inet6).empty?
     owner "root"
     group "root"
     mode 0o644
-    variables :rules => []
+    variables :family => "inet6"
     notifies :restart, "service[shorewall6]"
   end
 
@@ -336,6 +336,7 @@ firewall_rule "accept-http" do
   dest "fw"
   proto "tcp:syn"
   dest_ports "http"
+  connection_limit node[:networking][:firewall][:http_connection_limit]
 end
 
 firewall_rule "accept-https" do
@@ -344,4 +345,5 @@ firewall_rule "accept-https" do
   dest "fw"
   proto "tcp:syn"
   dest_ports "https"
+  connection_limit node[:networking][:firewall][:http_connection_limit]
 end
Chef configuration management public repo for configuring & maintaining the OpenStreetMap servers.