Updated doc regarding the configuration of the front-web instance and its failover IP

docs/deployment/beta-deployment.md

@@ -8,7 +8,7 @@ The software is hosted on 5 machines, having the following hostnames and specs:
 * **es-2**: 30 GB RAM; 8 vCores; 200 GB SSD
 * **es-3**: 30 GB RAM; 8 vCores; 200 GB SSD
 
-The above machines exchanges information through a private LAN: `192.168.0.0/24`; `front-web` is the only instance which is directly connected to the Internet, through its WAN interface (`ens3`) and public IP address (`51.83.13.51`).
+The above machines exchanges information through a private LAN: `192.168.0.0/24`; `front-web` is the only instance which is directly connected to the Internet, through its WAN interface `ens3` and public IP addresses : `51.83.13.51` (standard), `91.121.35.236` (failover).
 
 The following diagram provides a sketch of the various applications hosted by infrastructure: ![beta-deployment](../assets/beta-deployment.png)
 
@@ -36,6 +36,7 @@ The relevant configuration is stored within the file `/etc/iptables/rules.v4`:
 :OUTPUT ACCEPT [683:49410]
 :POSTROUTING ACCEPT [683:49410]
 -A POSTROUTING -s 192.168.0.0/24 -o ens3 -j MASQUERADE
+-A POSTROUTING -o ens3 -j SNAT --to-source 91.121.35.236
 COMMIT
 
 *filter
@@ -50,6 +51,8 @@ COMMIT
 -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -m comment --comment "in order to receive responses to outgoing requests" -j ACCEPT
 -A INPUT -d 51.83.13.51/32 -i ens3 -p tcp -m tcp --dport 443 -j ACCEPT
 -A INPUT -d 51.83.13.51/32 -i ens3 -p tcp -m tcp --dport 80 -j ACCEPT
+-A INPUT -d 91.121.35.236/32 -i ens3 -p tcp -m tcp --dport 443 -j ACCEPT
+-A INPUT -d 91.121.35.236/32 -i ens3 -p tcp -m tcp --dport 80 -j ACCEPT
 COMMIT
 ```