From 0ca9152d613ea54dd9f69a0bfd5d8cb4839db47e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Aur=C3=A9lien=20Bompard?=
Date: Tue, 24 Jun 2025 18:18:20 +0200
Subject: [PATCH] Open firewall for rabbitmq in RDU3
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Aurélien Bompard
---
 inventory/group_vars/rabbitmq | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/inventory/group_vars/rabbitmq b/inventory/group_vars/rabbitmq
index 7ccaa88de4..1bb6fdc948 100644
--- a/inventory/group_vars/rabbitmq
+++ b/inventory/group_vars/rabbitmq
@@ -4,6 +4,8 @@ custom_rules: [
 '-A INPUT -p tcp -m tcp -s 10.3.163.39 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT',
 # Inter-node traffic
 '-A INPUT -p tcp -m tcp -s 10.3.163.78 --dport 25672 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.3.163.79 --dport 25672 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.3.163.80 --dport 25672 -j ACCEPT']
+ # Same but in RDU3
+ '-A INPUT -p tcp -m tcp -s 10.16.163.78 --dport 25672 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.16.163.79 --dport 25672 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.16.163.80 --dport 25672 -j ACCEPT']
 nft_custom_rules:
 # Neeed for rsync from log01 for logs.
 - 'add rule ip filter INPUT ip saddr 10.3.163.39 tcp dport 873 counter accept'
@@ -12,6 +14,10 @@ nft_custom_rules:
 - 'add rule ip filter INPUT ip saddr 10.3.163.78 tcp dport 25672 counter accept'
 - 'add rule ip filter INPUT ip saddr 10.3.163.79 tcp dport 25672 counter accept'
 - 'add rule ip filter INPUT ip saddr 10.3.163.80 tcp dport 25672 counter accept'
+ # In RDU3
+ - 'add rule ip filter INPUT ip saddr 10.16.163.78 tcp dport 25672 counter accept'
+ - 'add rule ip filter INPUT ip saddr 10.16.163.79 tcp dport 25672 counter accept'
+ - 'add rule ip filter INPUT ip saddr 10.16.163.80 tcp dport 25672 counter accept'
 ipa_host_group: rabbitmq
 ipa_host_group_desc: RabbitMQ service
 ipa_shell_groups:
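Review bot: The unchanged context line ending in `-s 10.3.163.80 --dport 25672 -j ACCEPT']` still closes the `custom_rules` flow list, so the two added lines land after that `]` and the new side carries a second, unmatched `]`. As written the file should no longer parse as YAML, which would presumably stop the play for this group before any firewall rule is rendered. The old closing line has to change in the same commit: end it with `ACCEPT',` instead of `ACCEPT']` so the RDU3 entries stay inside the list and only the last line closes it. The `custom_rules: [` opener sits above the hunk, so this reading relies on the hunk-header context.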
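Review bot: The added comment `# In RDU3` does not say whether the existing 10.3.163.78-80 entries are meant to stay, so after this hunk six source addresses are accepted on 25672. If the RDU3 nodes replace the old ones rather than join them, a marker such as `# TODO: remove the 10.3.163.x inter-node rules once the cluster runs only in RDU3` would keep the allow-list from accumulating stale entries. Port 25672 is RabbitMQ's inter-node (Erlang distribution) port, where peers are authenticated by the shared Erlang cookie unless TLS is configured, so the source list is worth keeping as narrow as the topology allows. The same applies to the iptables list in the first hunk.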