duplicate firewall exported resources

Add a duplicate of every @@Firewall resource with 'firewall6-*' prefix
to prepare for upgrading firewall module.

manifests/profile/haproxy.pp

@@ -139,6 +139,15 @@
     tag    => 'haproxy'
   }
 
+  @@firewall { "200 HTTP firewall6: HAProxy ${::hostname}":
+    proto  => 'tcp',
+    dport  => [80, 443],
+    source => $::ipaddress,
+    state  => 'NEW',
+    action => 'accept',
+    tag    => 'firewall6-haproxy'
+  }
+
   # HAProxy should listen for kubernetes connections.
   nebula::exposed_port { '200 kubectl':
     port  => 6443,

manifests/profile/prometheus.pp

@@ -241,6 +241,16 @@
         tag    => "${::datacenter}_prometheus_public_ipmi_exporter",
         dport  => 9290,
       ;
+
+      "010 prometheus public node exporter firewall6 ${::hostname} ${address}":
+        tag    => "firewall6-${::datacenter}_prometheus_public_node_exporter",
+        dport  => 9100,
+      ;
+
+      "010 prometheus public ipmi exporter firewall6 ${::hostname} ${address}":
+        tag    => "firewall6-${::datacenter}_prometheus_public_ipmi_exporter",
+        dport  => 9290,
+      ;
     }
   }
 

manifests/profile/prometheus/exporter/node.pp

@@ -157,6 +157,15 @@
       state  => 'NEW',
       action => 'accept',
     }
+
+    @@firewall { "300 pushgateway firewall6 ${::hostname} ${address}":
+      tag    => "firewall6-${monitoring_datacenter}_pushgateway_node",
+      proto  => 'tcp',
+      dport  => 9091,
+      source => $address,
+      state  => 'NEW',
+      action => 'accept',
+    }
   }
 
   ensure_packages(['curl', 'jq'])

manifests/unison/client.pp

@@ -43,4 +43,12 @@
     tag    =>  "unison-client-${title}"
   }
 
+  @@firewall { "200 Unison firewall6: ${title} ${::hostname}":
+    proto  => 'tcp',
+    dport  => [$port],
+    source => $::ipaddress,
+    state  => 'NEW',
+    action => 'accept',
+    tag    =>  "firewall6-unison-client-${title}"
+  }
 }