# Note that the matching is done with re.match()
'.*\.cert\.sunet\.se$':
  soc:
  sunet::server:
    fail2ban: false
    ssh_allow_from_anywhere: false