David Prevot
61f2096fad
Allow more --check runs
...
Use “when: not ansible_check_mode” or “when <file>.stat.exists or not
ansible_check_mode” in order to provide a meaningful diff if possible.
This is an improvement from the previously reverted commit
1728eaee68
.
2022-12-23 16:20:06 +01:00
Jérémy Lecour
1728eaee68
Revert "Add “when: not ansible_check_mode” to allow more --check"
...
gitea/ansible-roles/pipeline/head This commit looks good
This reverts commit fafff25c20
.
This reverts commit e64471c5a8084f95a8e6f955d3fa918c55b8e846.
2022-12-14 07:41:18 +01:00
David Prevot
fafff25c20
Add “when: not ansible_check_mode” to allow more --check
gitea/ansible-roles/pipeline/head This commit looks good
2022-12-02 17:40:43 +01:00
Jérémy Lecour
3c1ec588fd
minifirewall: use handlers to restart minifirewall
gitea/ansible-roles/pipeline/head This commit looks good
2022-09-09 16:09:48 +02:00
Jérémy Lecour
205e699355
minifirewall: docker mode is configurable
continuous-integration/drone/push Build is passing
2022-06-22 17:20:15 +02:00
Jérémy Lecour
f01f4dece6
minifirewall: add debug for variables
continuous-integration/drone/push Build is passing
2022-05-17 11:19:13 +02:00
Jérémy Lecour
dd2072b86b
minifirewall: fix failed_when conditions on restart
continuous-integration/drone/push Build is passing
2022-05-10 16:40:45 +02:00
Jérémy Lecour
61cd2b7428
minifirewall: upstream release 22.04
continuous-integration/drone/push Build is passing
2022-04-28 19:14:31 +02:00
Jérémy Lecour
a53159c93b
minifirewall: compatibility with "legacy" version of minifirewall
continuous-integration/drone/push Build is passing
2022-04-28 12:40:02 +02:00
Jérémy Lecour
31c2629d31
minifirewall: configure proxy/backup/sysctl values
continuous-integration/drone/push Build was killed
2022-03-30 09:42:56 +02:00
Jérémy Lecour
1ae978c74a
minifirewall: restore "force-restart" and fix "restart-if-needed"
continuous-integration/drone/push Build was killed
2022-03-28 13:27:22 +02:00
Jérémy Lecour
85d429295f
minifirewall: tail template follows symlinks
continuous-integration/drone/push Build was killed
2022-03-25 18:12:24 +01:00
Jérémy Lecour
8a9faa0250
* minifirewall: upstream release 22.03.2
continuous-integration/drone/push Build was killed
2022-03-16 23:49:34 +01:00
Jérémy Lecour
ba90203f21
minifirewall: upstream release 22.03.1 and use includes directory
continuous-integration/drone/push Build was killed
2022-03-15 23:07:33 +01:00
Jérémy Lecour
02451f1e67
add default (useless) value for file lookup
continuous-integration/drone/push Build is passing
2021-05-19 14:35:08 +02:00
Jérémy Lecour
2ed77c60f0
Improve Ansible syntax
...
replace « x | changed » by « x is changed »
add explicit « bool » filter
use « length » filter instead of string comparison
2021-05-09 23:06:42 +02:00
Jérémy Lecour
5138065059
Use 'loop' syntax instead of 'with_items'
2021-05-04 14:19:18 +02:00
Jérémy Lecour
debc4a82ca
Use 'loop' syntax instead of 'with_first_found'
continuous-integration/drone/push Build is passing
2021-05-04 13:39:47 +02:00
Jérémy Lecour
4d6f88f0f4
minifirewall: add variables to force upgrade the script and the config (default: False)
continuous-integration/drone/push Build is passing
2020-12-07 17:23:37 +01:00
Jérémy Lecour
84bd3372d5
blockinfile: change from "content" to "block"
...
continuous-integration/drone/push Build is passing
It solves the diff bug :
https://github.com/ansible/ansible/issues/62315
2020-12-02 15:22:35 +01:00
Jérémy Lecour
9aa24f4cde
minifirewall: Docker support
continuous-integration/drone/push Build is passing
2020-12-01 22:47:38 +01:00
Jérémy Lecour
ac7ee86a9c
minifirewall: /bin/true command doesn't report "changed" anymore
continuous-integration/drone/push Build is passing
2020-05-11 15:23:52 +02:00
Ludovic Poujol
7a865b0ace
minifirewall: Properly detect alert5.sh to turn on firewall at boot
continuous-integration/drone/push Build is passing
2020-02-17 16:36:48 +01:00
Ludovic Poujol
704b76e6de
minifirewall: Properly detect alert5.sh to turn on firewall at boot
continuous-integration/drone/push Build is passing
2020-02-17 16:02:48 +01:00
Jérémy Lecour
f57af13349
minifirewall: better alert5 activation
continuous-integration/drone/push Build is passing
2020-02-10 10:36:00 +01:00
Jérémy Lecour
bf7de332ea
minifirewall: fix warnings ansible-lint
2020-01-08 17:19:13 +01:00
Jérémy Lecour
27e217467e
Change "|changed" with "is changed"
2019-12-31 16:18:56 +01:00
Jérémy Lecour
e04d881988
replace "with_items" in apt modules
2019-12-31 16:18:56 +01:00
Victor LABORIE
6f5e13f8b8
Add evolix prefix to include_role
2019-11-29 14:00:25 +01:00
Jérémy Lecour
7e50a460a8
minifirewall: add a variable to force the check scripts update
continuous-integration/drone/push Build is passing
2019-11-05 10:52:14 +01:00
Jérémy Lecour
bd8644ae60
whitespaces
2019-05-14 14:03:03 +02:00
Jérémy Lecour
a94c94018c
normalize some arguments positions
2019-01-01 20:02:50 +01:00
Jérémy Lecour
2bcc1133c0
minifirewall: all variables are configurable
...
By default, a Null value keeps the variable current value as-is.
Set an Array (can be empty) to replace the value.
2018-12-04 14:49:50 +01:00
Jérémy Lecour
50e16e0dee
minifirewall: compare config before/after (for restart condition)
2018-12-04 14:46:32 +01:00
Jérémy Lecour
c3e4a78442
minifirewall: main file is configurable
2018-12-04 14:45:48 +01:00
Patrick Marchand
9198c1e2c0
ansible-lint does not like trailing whitespace
2018-11-13 16:56:31 -05:00
Jérémy Lecour
c25c3c6a31
minifirewall: improve variables values and documentation
2018-08-30 17:06:21 +02:00
Jérémy Lecour
9787328a0b
minifirewall: add a variable to force a restart of the firewall
2018-08-30 17:05:30 +02:00
Jérémy Lecour
96cd04ae40
minifirewall: add a variable to disable the restart handler
2018-08-30 17:04:14 +02:00
Jérémy Lecour
d67abef13d
minifirewall: the tail file can be overwritten, or not
2018-06-04 16:31:36 +02:00
Jérémy Lecour
831b733dfe
minifirewall: nrpe/sudo config only if possible
2018-04-06 10:35:43 +02:00
Jérémy Lecour
e984e46b83
minifirewall: nagios plugins directory is configurable
2018-04-06 09:52:18 +02:00
Jérémy Lecour
03c53433d6
Add minifirewal_status and check_minifirewall
...
minifirewall_status returns "started" on stdout and exit code 0,
or "stopped" on stdout and exit code 1. The state of minifirewall
is determined by looking for common iptables rules applied by
minifirewall.
check_minifirewall is an NRPE plugin for minifirewall. It returns:
* 0 (OK) if the firewall state is consistent with its configuration
(from the alert5 script)
* 1 (WARNING) if the firewall is started but alert5 is not configured
properly
* 2 (CRITICAL) if the firewall is not running but it should be.
2018-04-06 09:52:18 +02:00
Jérémy Lecour
bcd3553cbb
minifirewall: add debug for variables
2017-11-26 12:32:33 +01:00
Jérémy Lecour
97b0225232
Minifirewall can deal with evomaintenance
...
Each role has to know how to deal with the other.
Otherwise, depending on order of execution, the firewall might not
allow connections for evomaintenance
2017-10-08 00:00:24 +02:00
Jérémy Lecour
98c5619721
minifirewall: install dependencies in install.yml
2017-10-08 00:00:24 +02:00
Gregory Colpart
b4130797cb
ensure iptables is installed
2017-09-29 01:43:31 +02:00
Jérémy Lecour
685282bf93
minifirewall: fallback when no trusted ip is provided
2017-09-14 14:26:44 +02:00
Jérémy Lecour
c97110f865
minifirewall: embed files instead of git clone
2017-07-27 22:55:07 -04:00
Jérémy Lecour
b2278a151c
minifirewall: merge the "tail" pattern back into the main role
2017-07-13 15:06:49 +02:00