Compare commits
2 commits
48ea75957d
...
55745e1a62
Author | SHA1 | Date | |
---|---|---|---|
Jérémy Dubois | 55745e1a62 | ||
Jérémy Dubois | 8a2111561f |
|
@ -1,11 +1,9 @@
|
||||||
---
|
---
|
||||||
evolix_trusted_ips: []
|
nagios_nrpe_default_allowed_hosts: []
|
||||||
additional_trusted_ips: []
|
nagios_nrpe_additional_allowed_hosts: []
|
||||||
# Let's merge evolix_trusted_ips with additional_trusted_ips
|
|
||||||
nagios_nrpe_allowed_hosts:
|
nagios_nrpe_allowed_hosts:
|
||||||
"{{ evolix_trusted_ips | union(additional_trusted_ips) | unique }}"
|
"{{ nagios_nrpe_default_allowed_hosts
|
||||||
nagios_nrpe_ldap_dc: "dc=DOMAIN,dc=EXT"
|
| union(nagios_nrpe_additional_allowed_hosts) | unique }}"
|
||||||
nagios_nrpe_ldap_passwd: LDAP_PASSWD
|
|
||||||
nagios_nrpe_pgsql_passwd: PGSQL_PASSWD
|
nagios_nrpe_pgsql_passwd: PGSQL_PASSWD
|
||||||
nagios_nrpe_amavis_from: "foobar@{{ ansible_domain }}"
|
nagios_nrpe_amavis_from: "foobar@{{ ansible_domain }}"
|
||||||
|
|
||||||
|
|
13
roles/pf/README.md
Normal file
13
roles/pf/README.md
Normal file
|
@ -0,0 +1,13 @@
|
||||||
|
# PacketFilter
|
||||||
|
|
||||||
|
Custom configuration of PacketFilter.
|
||||||
|
|
||||||
|
## Tasks
|
||||||
|
|
||||||
|
Everything is in the `tasks/main.yml` file.
|
||||||
|
|
||||||
|
## Available variables
|
||||||
|
|
||||||
|
* `pf_trusted_ips` : list of IP trusted for important access (default: all).
|
||||||
|
|
||||||
|
The full list of variables (with default values) can be found in `defaults/main.yml`.
|
9
roles/pf/defaults/main.yml
Normal file
9
roles/pf/defaults/main.yml
Normal file
|
@ -0,0 +1,9 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
pf_default_trusted_ips: []
|
||||||
|
pf_additional_trusted_ips: []
|
||||||
|
# and default to ['0.0.0.0/0'] if the result is still empty
|
||||||
|
pf_trusted_ips:
|
||||||
|
"{{ pf_default_trusted_ips | union(pf_additional_trusted_ips)
|
||||||
|
| unique | join(', ')
|
||||||
|
| default(['0.0.0.0/0'], true) }}"
|
|
@ -12,7 +12,7 @@ ext_if="{{ ansible_default_ipv4.device }}"
|
||||||
###########################
|
###########################
|
||||||
|
|
||||||
# Evolix
|
# Evolix
|
||||||
table <evolix> { 88.179.18.233, 31.170.9.129, 31.170.8.4 }
|
table <evolix> { {{ pf_trusted_ips }} }
|
||||||
|
|
||||||
# Port en entrée
|
# Port en entrée
|
||||||
# 2222 = ssh secondaire
|
# 2222 = ssh secondaire
|
||||||
|
|
Loading…
Reference in a new issue