From 79ce71d8eafa69111784f0f7d0c76384ea9f31cf Mon Sep 17 00:00:00 2001
From: Karol Babioch <kbabioch@suse.de>
Date: Nov 14 2019 06:31:06 +0000
Subject: Only open ports for monitoring for VPN tunnel


The monitoring host accesses this system via the dedicated VPN tunnel.
Opening the ports only on this interface, will make sure that we notice
a wrong routing, etc. pp.

---

diff --git a/pillar/id/slimhat_infra_opensuse_org.sls b/pillar/id/slimhat_infra_opensuse_org.sls
index 44ab4c9..ee91935 100644
--- a/pillar/id/slimhat_infra_opensuse_org.sls
+++ b/pillar/id/slimhat_infra_opensuse_org.sls
@@ -59,10 +59,6 @@ firewalld:
         - 72.14.176.247
       services:
         - ssh
-      ports:
-        tcp:
-          - 5666
-          - 6556
     # NOT USED ZONES -- let it be to keep them clear and not attached to any
     # interface or sources and without any service declared.
     public: