Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / salt-models / reclass-system / 81a30652fb008ca2557aadcf2992e9f68546b7ed^! / .
commit81a30652fb008ca2557aadcf2992e9f68546b7ed[log] [tgz]
authorRichard Felkl <rfelkl@mirantis.com>Thu Jun 21 15:22:37 2018 +0200
committerRichard Felkl <rfelkl@mirantis.com>Thu Jun 21 15:22:37 2018 +0200
tree8b123fcfadb06a94acdfb5d2421a19f291d05397
parent13e3cc5ef8450747efce5799587f40d835ba9889 [diff]
Remove hardcoded iptables rules form aptly.server.single.

Change-Id: I3903484ff8b0099f051359461cd41754cced9dc7
Related: PROD-19188

diff --git a/aptly/server/single.yml b/aptly/server/single.yml
index e8da341..9f2d401 100644
--- a/aptly/server/single.yml
+++ b/aptly/server/single.yml

@@ -8,47 +8,6 @@
     aptly_server_secure: true
     aptly_server_mirror_sources: false
     aptly_server_mirror_ubuntu_sources: ${_param:aptly_server_mirror_sources}
-  iptables:
-    service:
-      enabled: true
-      chain:
-        INPUT:
-          rules:
-            # Only local network can access WebDav and aptly API
-            - destination_port: 8088
-              protocol: tcp
-              source_network: 10.0.107.0/24
-              jump: ACCEPT
-            - destination_port: 8088
-              protocol: tcp
-              source_network: 185.22.96.0/22
-              jump: ACCEPT
-            - destination_port: 8088
-              protocol: tcp
-              source_network: 10.0.174.0/23
-              jump: ACCEPT
-            - destination_port: 8088
-              protocol: tcp
-              source_network: 10.0.175.0/23
-              jump: ACCEPT
-            - destination_port: 8088
-              protocol: tcp
-              jump: DROP
-            - destination_port: 8081
-              protocol: tcp
-              source_network: 10.0.107.0/24
-              jump: ACCEPT
-            - destination_port: 8081
-              protocol: tcp
-              source_network: 10.0.174.0/23
-              jump: ACCEPT
-            - destination_port: 8081
-              protocol: tcp
-              source_network: 10.0.175.0/23
-              jump: ACCEPT
-            - destination_port: 8081
-              protocol: tcp
-              jump: DROP
   nginx:
     server:
       site: