eid-ops/global/overlay/etc/puppet/modules/eid/manifests/ssh_rules.pp

class eid::ssh_rules{

  $servers = ['nat', 'eu']
  $servers.each |$servers|{
    if $::fqdn == ${server}pub-test-1.komreg.net {
      sunet::misc::ufw_allow { 'allow_${key}_ssh_1':
        from =>  dnsLookup(${server}md-test-1.komreg.net)
        port => '22',
      }
    }
    if $::fqdn == ${server}pub-test-2.komreg.net {
      sunet::misc::ufw_allow { 'allow_${key}_ssh_2':
        from =>  dnsLookup(${server}md-test-2.komreg.net)
        port => '22',
      }
    }
  }

}