Combine evolix and additional trusted IP addresses
This commit is contained in:
parent
eaff68a9e5
commit
8ef9554746
|
@ -1,5 +1,8 @@
|
||||||
---
|
---
|
||||||
apache_ipaddr_whitelist_present: []
|
evolix_trusted_ips: []
|
||||||
|
additional_trusted_ips: []
|
||||||
|
# Let's merge evolix_trusted_ips with additional_trusted_ips
|
||||||
|
apache_ipaddr_whitelist_present: "{{ evolix_trusted_ips | union(additional_trusted_ips) | unique }}"
|
||||||
apache_ipaddr_whitelist_absent: []
|
apache_ipaddr_whitelist_absent: []
|
||||||
|
|
||||||
apache_private_htpasswd_present: []
|
apache_private_htpasswd_present: []
|
||||||
|
|
|
@ -108,7 +108,10 @@ evolinux_evomaintenance_include: True
|
||||||
|
|
||||||
evolinux_ssh_include: True
|
evolinux_ssh_include: True
|
||||||
|
|
||||||
evolinux_ssh_password_auth_addresses: []
|
evolix_trusted_ips: []
|
||||||
|
additional_trusted_ips: []
|
||||||
|
# Let's merge evolix_trusted_ips with additional_trusted_ips
|
||||||
|
evolinux_ssh_password_auth_addresses: "{{ evolix_trusted_ips | union(additional_trusted_ips) | unique }}"
|
||||||
evolinux_ssh_match_address: True
|
evolinux_ssh_match_address: True
|
||||||
evolinux_ssh_disable_acceptenv: True
|
evolinux_ssh_disable_acceptenv: True
|
||||||
evolinux_ssh_allow_current_user: False
|
evolinux_ssh_allow_current_user: False
|
||||||
|
|
|
@ -17,4 +17,7 @@ evomaintenance_urgency_tel: "06.00.00.00.00"
|
||||||
|
|
||||||
evomaintenance_realm: "{{ ansible_domain }}"
|
evomaintenance_realm: "{{ ansible_domain }}"
|
||||||
|
|
||||||
evomaintenance_hosts: []
|
evolix_trusted_ips: []
|
||||||
|
additional_trusted_ips: []
|
||||||
|
# Let's merge evolix_trusted_ips with additional_trusted_ips
|
||||||
|
evomaintenance_hosts: "{{ evolix_trusted_ips | union(additional_trusted_ips) | unique }}"
|
||||||
|
|
|
@ -1,6 +1,11 @@
|
||||||
---
|
---
|
||||||
general_alert_email: "root@localhost"
|
general_alert_email: "root@localhost"
|
||||||
fail2ban_alert_email: Null
|
fail2ban_alert_email: Null
|
||||||
fail2ban_ignore_ips: []
|
|
||||||
|
evolix_trusted_ips: []
|
||||||
|
additional_trusted_ips: []
|
||||||
|
# Let's merge evolix_trusted_ips with additional_trusted_ips
|
||||||
|
fail2ban_ignore_ips: "{{ evolix_trusted_ips | union(additional_trusted_ips) | unique }}"
|
||||||
|
|
||||||
fail2ban_wordpress: False
|
fail2ban_wordpress: False
|
||||||
fail2ban_roundcube: False
|
fail2ban_roundcube: False
|
||||||
|
|
|
@ -6,7 +6,12 @@ minifirewall_checkout_path: "/tmp/minifirewall"
|
||||||
minifirewall_int: "{{ ansible_default_ipv4.interface }}"
|
minifirewall_int: "{{ ansible_default_ipv4.interface }}"
|
||||||
minifirewall_ipv6: "on"
|
minifirewall_ipv6: "on"
|
||||||
minifirewall_intlan: "{{ ansible_default_ipv4.address }}/32"
|
minifirewall_intlan: "{{ ansible_default_ipv4.address }}/32"
|
||||||
minifirewall_trusted_ips: ["0.0.0.0/0"]
|
|
||||||
|
evolix_trusted_ips: []
|
||||||
|
additional_trusted_ips: []
|
||||||
|
# Let's merge evolix_trusted_ips with additional_trusted_ips
|
||||||
|
# and default to ['0.0.0.0/0'] if the result is still empty
|
||||||
|
minifirewall_trusted_ips: "{{ evolix_trusted_ips | union(additional_trusted_ips) | unique | default(['0.0.0.0/0'], true) }}"
|
||||||
minifirewall_privilegied_ips: []
|
minifirewall_privilegied_ips: []
|
||||||
|
|
||||||
minifirewall_protected_ports_tcp: [22]
|
minifirewall_protected_ports_tcp: [22]
|
||||||
|
|
|
@ -1,5 +1,8 @@
|
||||||
---
|
---
|
||||||
nagios_nrpe_allowed_hosts: []
|
evolix_trusted_ips: []
|
||||||
|
additional_trusted_ips: []
|
||||||
|
# Let's merge evolix_trusted_ips with additional_trusted_ips
|
||||||
|
nagios_nrpe_allowed_hosts: "{{ evolix_trusted_ips | union(additional_trusted_ips) | unique }}"
|
||||||
nagios_nrpe_ldap_dc: "dc=DOMAIN,dc=EXT"
|
nagios_nrpe_ldap_dc: "dc=DOMAIN,dc=EXT"
|
||||||
nagios_nrpe_ldap_passwd: LDAP_PASSWD
|
nagios_nrpe_ldap_passwd: LDAP_PASSWD
|
||||||
nagios_nrpe_pgsql_passwd: PGSQL_PASSWD
|
nagios_nrpe_pgsql_passwd: PGSQL_PASSWD
|
||||||
|
|
|
@ -3,7 +3,10 @@
|
||||||
nginx_minimal: False
|
nginx_minimal: False
|
||||||
nginx_jessie_backports: False
|
nginx_jessie_backports: False
|
||||||
|
|
||||||
nginx_ipaddr_whitelist_present: []
|
evolix_trusted_ips: []
|
||||||
|
additional_trusted_ips: []
|
||||||
|
# Let's merge evolix_trusted_ips with additional_trusted_ips
|
||||||
|
nginx_ipaddr_whitelist_present: "{{ evolix_trusted_ips | union(additional_trusted_ips) | unique }}"
|
||||||
nginx_ipaddr_whitelist_absent: []
|
nginx_ipaddr_whitelist_absent: []
|
||||||
|
|
||||||
nginx_private_htpasswd_present: []
|
nginx_private_htpasswd_present: []
|
||||||
|
|
Loading…
Reference in a new issue