From: Tom Hughes <tom@compton.nu>
Date: Fri, 7 Mar 2025 17:26:26 +0000 (+0000)
Subject: Drop last traces of old shorewall firewall zones
X-Git-Url: https://git.openstreetmap.org./chef.git/commitdiff_plain/31bde6183f16c517ef2ce8f713642d0062e65000?ds=inline;hp=-c

Drop last traces of old shorewall firewall zones
---

31bde6183f16c517ef2ce8f713642d0062e65000
diff --git a/cookbooks/dhcpd/recipes/default.rb b/cookbooks/dhcpd/recipes/default.rb
index 0f3c2be9c..685d08c3b 100644
--- a/cookbooks/dhcpd/recipes/default.rb
+++ b/cookbooks/dhcpd/recipes/default.rb
@@ -53,8 +53,7 @@ remote_file "/srv/tftp/netboot.xyz.kpxe" do
   mode "644"
 end
 
-zone = node.interfaces(:role => :external).first[:zone]
-domain = "#{zone}.openstreetmap.org"
+domain = node[:networking][:search].first
 
 template "/etc/dhcp/dhcpd.conf" do
   source "dhcpd.conf.erb"
diff --git a/cookbooks/networking/attributes/default.rb b/cookbooks/networking/attributes/default.rb
index 9832ce8f3..7ff93c365 100644
--- a/cookbooks/networking/attributes/default.rb
+++ b/cookbooks/networking/attributes/default.rb
@@ -6,7 +6,6 @@ default[:networking][:firewall][:outgoing] = []
 default[:networking][:firewall][:http_rate_limit] = nil
 default[:networking][:firewall][:http_connection_limit] = nil
 default[:networking][:firewall][:allowlist] = []
-default[:networking][:roles] = {}
 default[:networking][:interfaces] = {}
 default[:networking][:nameservers] = %w[8.8.8.8 8.8.4.4 2001:4860:4860::8888 2001:4860:4860::8844]
 default[:networking][:search] = []
diff --git a/cookbooks/openssh/recipes/default.rb b/cookbooks/openssh/recipes/default.rb
index 8b57aaaef..98e2fa9f2 100644
--- a/cookbooks/openssh/recipes/default.rb
+++ b/cookbooks/openssh/recipes/default.rb
@@ -43,7 +43,7 @@ hosts = search(:node, "networking:interfaces").sort_by { |n| n[:hostname] }.coll
   names = [name]
 
   unless node.interfaces(:role => :internal).empty?
-    names.unshift("#{name}.#{node[:networking][:roles][:external][:zone]}.openstreetmap.org")
+    names.unshift("#{name}.#{node[:networking][:search].first}")
   end
 
   unless node.interfaces(:role => :external).empty?
diff --git a/roles/equinix-ams-public.rb b/roles/equinix-ams-public.rb
index a67b1bfcc..b89ae21bb 100644
--- a/roles/equinix-ams-public.rb
+++ b/roles/equinix-ams-public.rb
@@ -7,7 +7,6 @@ default_attributes(
       :henet => {
         :interface => "bond0.3",
         :role => :external,
-        :zone => "ams",
         :metric => 150,
         :source_route_table => 3,
         :inet => {
@@ -25,7 +24,6 @@ default_attributes(
       :equinix => {
         :interface => "bond0.103",
         :role => :external,
-        :zone => "ams",
         :metric => 100,
         :source_route_table => 103,
         :inet => {
diff --git a/roles/equinix-dub-public.rb b/roles/equinix-dub-public.rb
index 3cac11b43..343dfb4f9 100644
--- a/roles/equinix-dub-public.rb
+++ b/roles/equinix-dub-public.rb
@@ -7,7 +7,6 @@ default_attributes(
       :henet => {
         :interface => "bond0.101",
         :role => :external,
-        :zone => "dub",
         :metric => 150,
         :source_route_table => 101,
         :inet => {
@@ -25,7 +24,6 @@ default_attributes(
       :equinix => {
         :interface => "bond0.203",
         :role => :external,
-        :zone => "dub",
         :metric => 100,
         :source_route_table => 203,
         :inet => {
diff --git a/roles/ucl-public.rb b/roles/ucl-public.rb
index 774630863..7b7c6188a 100644
--- a/roles/ucl-public.rb
+++ b/roles/ucl-public.rb
@@ -7,7 +7,6 @@ default_attributes(
       :external => {
         :role => :external,
         :metric => 100,
-        :zone => "ucl",
         :inet => {
           :prefix => "24",
           :gateway => "193.60.236.254"