From fe3cc1efde3e3b99bd79fd58715c7a80e3bf6846 Mon Sep 17 00:00:00 2001
From: Johan Wassberg <jocar@sunet.se>
Date: Wed, 17 Jan 2024 20:00:57 +0100
Subject: [PATCH] Test new firewall setup

---
 global/overlay/etc/puppet/cosmos-rules.yaml               | 1 +
 global/overlay/etc/puppet/modules/eid/manifests/idm_db.pp | 8 ++++----
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/global/overlay/etc/puppet/cosmos-rules.yaml b/global/overlay/etc/puppet/cosmos-rules.yaml
index 1e4c9e8a..f368db8d 100644
--- a/global/overlay/etc/puppet/cosmos-rules.yaml
+++ b/global/overlay/etc/puppet/cosmos-rules.yaml
@@ -1178,3 +1178,4 @@ eidastest-1.qa.sveidas.se:
 
 idm-sto3-test-db-3\.komreg\.net:
    sunet::dockerhost2:
+   eid::idm_db:
diff --git a/global/overlay/etc/puppet/modules/eid/manifests/idm_db.pp b/global/overlay/etc/puppet/modules/eid/manifests/idm_db.pp
index 348d92ed..98f63e86 100644
--- a/global/overlay/etc/puppet/modules/eid/manifests/idm_db.pp
+++ b/global/overlay/etc/puppet/modules/eid/manifests/idm_db.pp
@@ -2,8 +2,8 @@
 class eid::idm_db (
   $bootstrap = undef,
 ) {
-
-  sunet::mariadb { 'idm_db':
-    bootstrap            => $bootstrap,
-  }
+    sunet::nftables::allow { 'allow-http-from-all':
+      from => 'any',
+      port => '80',
+    }
 }