Add proxy ACLs
[cacert-puppet.git] / hieradata / nodes / proxyout.yaml
1 ---
2 classes:
3 - roles::proxyout
4 profiles::base::admins:
5 - jandd
6 - law
7 profiles::squid::acls:
8 - "localnet src 10.0.0.0/24"
9 - "localnet src 172.16.2.0/24"
10 - "jenkins src 172.16.2.115"
11 - "puppet src 172.16.2.10"
12 - "test src 172.16.2.248"
13 - "testmgr src 172.16.2.10"
14 - "debmirror dstdomain .debian.org"
15 - "debpgsql dstdomain apt.postgresql.org"
16 - "debmariadb dstdomain mirror2.hs-esslingen.de"
17 - "debpuppet dstdomain apt.puppetlabs.com"
18 - "debjenkins dstdomain pkg.jenkins-ci.org"
19 - "debjenkins dstdomain mirrors.jenkins.io"
20 - "debjenkins dstdomain ftp-chi.osuosl.org"
21 - "debjenkins dstdomain ftp-nyc.osuosl.org"
22 - "debjenkins dstdomain archives.jenkins-ci.org"
23 - "debjenkins dstdomain mirrors.seville-jam.es"
24 - "debjenkins dstdomain mirror.esuni.jp"
25 - "debjenkins dstdomain ftp.yz.yamagata-u.ac.jp"
26 - "debjenkins dstdomain mirrors.tuna.tsinghua.edu.cn"
27 - "rubygems dstdomain api.rubygems.org"
28 - "puppetforge dstdomain forgeapi.puppetlabs.com"
29 - "github dstdomain github.com"
30 - "pypi dstdomain pypi.org"
31 - "cacert dstdomain .cacert.org"
32 profiles::squid::http_access:
33 - "allow localnet debmirror"
34 - "allow localnet debpuppet"
35 - "allow localnet debmariadb"
36 - "allow localnet cacert"
37 - "allow jenkins debjenkins"
38 - "allow jenkins github"
39 - "allow jenkins pypi"
40 - "allow puppet rubygems"
41 - "allow puppet puppetforge"
42 - "allow test github"
43 - "allow testmgr github"