Add proxy ACLs
authorJan Dittberner <jandd@cacert.org>
Sat, 27 Oct 2018 12:32:41 +0000 (14:32 +0200)
committerJan Dittberner <jandd@cacert.org>
Sat, 27 Oct 2018 12:32:41 +0000 (14:32 +0200)
- allow PyPI access from jenkins
- allow CAcert.org access to all internal systems

hieradata/nodes/proxyout.yaml

index 91f336b..9cad53f 100644 (file)
@@ -27,12 +27,16 @@ profiles::squid::acls:
     - "rubygems dstdomain api.rubygems.org"
     - "puppetforge dstdomain forgeapi.puppetlabs.com"
     - "github dstdomain github.com"
+    - "pypi dstdomain pypi.org"
+    - "cacert dstdomain .cacert.org"
 profiles::squid::http_access:
     - "allow localnet debmirror"
     - "allow localnet debpuppet"
     - "allow localnet debmariadb"
+    - "allow localnet cacert"
     - "allow jenkins debjenkins"
     - "allow jenkins github"
+    - "allow jenkins pypi"
     - "allow puppet rubygems"
     - "allow puppet puppetforge"
     - "allow test github"