Add a firewall rule to allow clients to connect

Previously it was not an issue because services that connected to the
PostgreSQL primary were also on the same server as a standby server.

site-cookbooks/kosmos-postgresql/recipes/default.rb

@@ -64,6 +64,13 @@ postgresql_clients.each do |client|
     access_method "md5"
     notifies :reload, "service[#{postgresql_service}]", :immediately
   end
+
+  firewall_rule "postgresql #{hostname}" do
+    port        5432
+    protocol    :tcp
+    command     :allow
+    source ip
+  end
 end
 
 postgresql_replicas.each do |replica|