ldap, internal CA, internal webserver, dns, etc.

author: Elizabeth Hunt <elizabeth.hunt@simponic.xyz> 2024-01-05 16:13:01 -0500
committer: Elizabeth Hunt <elizabeth.hunt@simponic.xyz> 2024-01-05 16:13:01 -0500
commit: fb0b3914086484d9284426985984e2c1699ba557 (patch)
tree: 963a2288a3b33f389972a78efaf3b6462bbe1925 /roles/vpn/files/config
parent: b62d5f559b81556a1dd6197c72a0c43ba1744477 (diff)
download: oldinfra-fb0b3914086484d9284426985984e2c1699ba557.tar.gz
oldinfra-fb0b3914086484d9284426985984e2c1699ba557.zip
1 files changed, 9 insertions, 2 deletions
diff --git a/roles/vpn/files/config/acl.json b/roles/vpn/files/config/acl.json
index 2dbb13a..7c28276 100644
--- a/roles/vpn/files/config/acl.json
+++ b/roles/vpn/files/config/acl.json
@@ -1,6 +1,7 @@
 {
   "groups": {
-    "group:admin": ["elizabeth.hunt"]
+    "group:admin": ["elizabeth.hunt"],
+    "group:sys": ["sys"]
   },
   "tagOwners": {
     "tag:prod": ["group:admin"],
@@ -14,8 +15,14 @@
       "dst": [
         "tag:dev:*",
         "tag:private:*",
-        "tag:prod:*"
+        "tag:prod:*",
+        "group:sys:*"
       ]
+    },
+    {
+      "action": "accept",
+      "src": ["group:sys"],
+      "dst": ["group:sys:*"]
     }
   ]
 }
author	Elizabeth Hunt <elizabeth.hunt@simponic.xyz>	2024-01-05 16:13:01 -0500
committer	Elizabeth Hunt <elizabeth.hunt@simponic.xyz>	2024-01-05 16:13:01 -0500
commit	fb0b3914086484d9284426985984e2c1699ba557 (patch)
tree	963a2288a3b33f389972a78efaf3b6462bbe1925 /roles/vpn/files/config
parent	b62d5f559b81556a1dd6197c72a0c43ba1744477 (diff)
download	oldinfra-fb0b3914086484d9284426985984e2c1699ba557.tar.gz oldinfra-fb0b3914086484d9284426985984e2c1699ba557.zip