From e013d5baa70f5920e121cc12122335b835b80c2d Mon Sep 17 00:00:00 2001
From: Micke Nordin <kano@sunet.se>
Date: Fri, 17 Feb 2023 14:46:22 +0100
Subject: [PATCH] Use ufw from puppet sunet instead

---
 manifests/app_type.pp | 4 ++++
 manifests/proxysql.pp | 8 ++++++++
 2 files changed, 12 insertions(+)

diff --git a/manifests/app_type.pp b/manifests/app_type.pp
index f562e50..abf302c 100644
--- a/manifests/app_type.pp
+++ b/manifests/app_type.pp
@@ -338,6 +338,10 @@ define sunetdrive::app_type (
       from => '0.0.0.0/0',
       port => 443,
     }
+    sunet::nftables::docker_expose { 'https':
+      from => ['any']
+      port => 443,
+    }
   }
 
 }
diff --git a/manifests/proxysql.pp b/manifests/proxysql.pp
index 38f370c..96b0cc1 100644
--- a/manifests/proxysql.pp
+++ b/manifests/proxysql.pp
@@ -69,6 +69,14 @@ class sunetdrive::proxysql (
     from => $tug_office,
     port => 6080,
   }
+  sunet::nftables::docker_expose { 'stats_ports':
+    from => $tug_office,
+    port => 6080,
+  }
+  sunet::nftables::docker_expose { 'proxysql':
+    from => ['any'],
+    port => 6032,
+  }
 
   sunet::docker_compose { 'drive_proxysql_docker_compose':
     content          => template('sunetdrive/proxysql/docker-compose_proxysql.yml.erb'),