From 8d58708305b09c5a22b698719fb4aa79b67344a1 Mon Sep 17 00:00:00 2001 From: Stephen Smoogen Date: Sep 23 2020 21:08:17 +0000 Subject: remove 10.5.126 ips from nrpe to try and figure out why host was not connecting --- diff --git a/roles/base/templates/iptables/iptables.osuosl b/roles/base/templates/iptables/iptables.osuosl index 2174260..0211960 100644 --- a/roles/base/templates/iptables/iptables.osuosl +++ b/roles/base/templates/iptables/iptables.osuosl @@ -34,7 +34,6 @@ -A INPUT -p tcp -m tcp --dport 5666 -s 38.145.60.16 -j ACCEPT -A INPUT -p tcp -m tcp --dport 5666 -s 38.145.60.15 -j ACCEPT -A INPUT -p tcp -m tcp --dport 5666 -s 10.3.163.10 -j ACCEPT --A INPUT -p tcp -m tcp --dport 5666 -s 10.5.126.241 -j ACCEPT # if the host/group defines incoming tcp_ports - allow them {% if tcp_ports is defined %} diff --git a/roles/base/templates/iptables/iptables.staging b/roles/base/templates/iptables/iptables.staging index b1132b3..c1e6930 100644 --- a/roles/base/templates/iptables/iptables.staging +++ b/roles/base/templates/iptables/iptables.staging @@ -31,8 +31,6 @@ -A INPUT -p tcp -m tcp --dport 5666 -s 38.145.60.16 -j ACCEPT -A INPUT -p tcp -m tcp --dport 5666 -s 38.145.60.15 -j ACCEPT -A INPUT -p tcp -m tcp --dport 5666 -s 10.3.163.10 -j ACCEPT --A INPUT -p tcp -m tcp --dport 5666 -s 10.5.126.241 -j ACCEPT --A INPUT -p tcp -m tcp --dport 5666 -s 10.5.128.38 -j ACCEPT # if the host declares a fedmsg-enabled wsgi app, open ports for it {% if wsgi_fedmsg_service is defined %} diff --git a/roles/base/templates/iptables/iptables.torrent02.fedoraproject.org b/roles/base/templates/iptables/iptables.torrent02.fedoraproject.org index 08bb60b..ed92663 100644 --- a/roles/base/templates/iptables/iptables.torrent02.fedoraproject.org +++ b/roles/base/templates/iptables/iptables.torrent02.fedoraproject.org @@ -31,7 +31,6 @@ -A INPUT -p tcp -m tcp --dport 5666 -s 38.145.60.16 -j ACCEPT -A INPUT -p tcp -m tcp --dport 5666 -s 38.145.60.15 -j ACCEPT -A INPUT -p tcp -m tcp --dport 5666 -s 10.3.163.10 -j ACCEPT --A INPUT -p tcp -m tcp --dport 5666 -s 10.5.126.241 -j ACCEPT {% if env != 'staging' and datacenter == 'phx2' and inventory_hostname not in groups['staging_friendly'] %} # diff --git a/roles/nagios_client/templates/nrpe.cfg.j2 b/roles/nagios_client/templates/nrpe.cfg.j2 index c9275ca..cdcdb02 100644 --- a/roles/nagios_client/templates/nrpe.cfg.j2 +++ b/roles/nagios_client/templates/nrpe.cfg.j2 @@ -80,9 +80,9 @@ nrpe_group=nrpe {% if env == "staging" %} -allowed_hosts=10.5.126.2,10.3.163.10,10.5.126.241,192.168.1.10,192.168.1.20,38.145.60.15,192.168.1.166,38.145.60.16 +allowed_hosts=10.3.163.10,192.168.1.10,192.168.1.20,38.145.60.15,192.168.1.166,38.145.60.16 {% else %} -allowed_hosts=10.3.163.10,192.168.1.10,192.168.1.20,38.145.60.15,10.5.126.241,192.168.1.166,38.145.60.16 +allowed_hosts=10.3.163.10,192.168.1.10,192.168.1.20,38.145.60.15,192.168.1.166,38.145.60.16 {% endif %} diff --git a/roles/nagios_server/templates/nrpe/nrpe.cfg.j2 b/roles/nagios_server/templates/nrpe/nrpe.cfg.j2 index 4a53199..8b0fe35 100644 --- a/roles/nagios_server/templates/nrpe/nrpe.cfg.j2 +++ b/roles/nagios_server/templates/nrpe/nrpe.cfg.j2 @@ -96,7 +96,7 @@ nrpe_group=nrpe # NOTE: This option is ignored if NRPE is running under either inetd or xinetd #allowed_hosts=127.0.0.1,192.168.0.2 -allowed_hosts=10.5.126.2,10.3.163.10,10.5.126.241,127.0.0.1,192.168.1.10,192.168.1.20,192.168.1.166,38.145.60.15 +allowed_hosts=10.3.163.10,127.0.0.1,192.168.1.10,192.168.1.20,192.168.1.166,38.145.60.15