From 7c29957ed9cc826521d30fed1b7469d5b46d8ec5 Mon Sep 17 00:00:00 2001
From: Sebastian Kippe <sebastian@kip.pe>
Date: Fri, 19 Apr 2019 15:52:56 +0100
Subject: [PATCH] Fix and consolidate firewall rules

Most of them are already defined in the appropriate recipe. And one can
be moved. (These are currently opened on every server for no reason.)
---
 .../5apps-xmpp_server/recipes/default.rb      |  2 +-
 .../kosmos-base/recipes/firewall.rb           | 24 -------------------
 2 files changed, 1 insertion(+), 25 deletions(-)

diff --git a/site-cookbooks/5apps-xmpp_server/recipes/default.rb b/site-cookbooks/5apps-xmpp_server/recipes/default.rb
index bfb1d13..0dd353f 100644
--- a/site-cookbooks/5apps-xmpp_server/recipes/default.rb
+++ b/site-cookbooks/5apps-xmpp_server/recipes/default.rb
@@ -10,7 +10,7 @@
 unless node.chef_environment == "development"
   include_recipe "firewall"
   firewall_rule "xmpp" do
-    port     [5222, 5269]
+    port     [5222, 5269, 5281]
     protocol :tcp
     command  :allow
   end
diff --git a/site-cookbooks/kosmos-base/recipes/firewall.rb b/site-cookbooks/kosmos-base/recipes/firewall.rb
index 233a34c..96dd212 100644
--- a/site-cookbooks/kosmos-base/recipes/firewall.rb
+++ b/site-cookbooks/kosmos-base/recipes/firewall.rb
@@ -38,27 +38,3 @@ firewall_rule 'mosh' do
   protocol :udp
   command  :allow
 end
-
-firewall_rule 'prosody_http_upload' do
-  port     5281
-  protocol :tcp
-  command  :allow
-end
-
-firewall_rule 'hubot_express_hal8000' do
-  port     8080
-  protocol :tcp
-  command  :allow
-end
-
-firewall_rule 'hubot_express_botka_xmpp' do
-  port     8082
-  protocol :tcp
-  command  :allow
-end
-
-firewall_rule 'hubot_express_schlupp_xmpp' do
-  port     8083
-  protocol :tcp
-  command  :allow
-end