Ludovic Poujol
7a865b0ace
minifirewall: Properly detect alert5.sh to turn on firewall at boot
1 year ago
Ludovic Poujol
704b76e6de
minifirewall: Properly detect alert5.sh to turn on firewall at boot
1 year ago
Ludovic Poujol
02e8754d75
minifirewall: Backport changes from minifirewall (properly open outgoing smtp(s))
1 year ago
Jérémy Lecour
f57af13349
minifirewall: better alert5 activation
1 year ago
Jérémy Lecour
bf7de332ea
minifirewall: fix warnings ansible-lint
1 year ago
Jérémy Lecour
27e217467e
Change "|changed" with "is changed"
1 year ago
Jérémy Lecour
e04d881988
replace "with_items" in apt modules
1 year ago
Victor LABORIE
6f5e13f8b8
Add evolix prefix to include_role
1 year ago
Jérémy Lecour
7e50a460a8
minifirewall: add a variable to force the check scripts update
1 year ago
Jérémy Lecour
5476538eb1
minifirewall: no http filtering by default
1 year ago
Benoît S.
755eaab60a
minifirewall: use systemctl is-enabled
Fixes #66
1 year ago
Jérémy Lecour
bd8644ae60
whitespaces
1 year ago
Jérémy Lecour
aa28e9c1b8
change repositories URL
1 year ago
Jérémy Lecour
a94c94018c
normalize some arguments positions
2 years ago
Jérémy Lecour
2bcc1133c0
minifirewall: all variables are configurable
By default, a Null value keeps the variable current value as-is.
Set an Array (can be empty) to replace the value.
2 years ago
Jérémy Lecour
50e16e0dee
minifirewall: compare config before/after (for restart condition)
2 years ago
Jérémy Lecour
c3e4a78442
minifirewall: main file is configurable
2 years ago
Patrick Marchand
9198c1e2c0
ansible-lint does not like trailing whitespace
2 years ago
Jérémy Lecour
c25c3c6a31
minifirewall: improve variables values and documentation
2 years ago
Jérémy Lecour
9787328a0b
minifirewall: add a variable to force a restart of the firewall
2 years ago
Jérémy Lecour
96cd04ae40
minifirewall: add a variable to disable the restart handler
2 years ago
Jérémy Lecour
d67abef13d
minifirewall: the tail file can be overwritten, or not
2 years ago
Jérémy Lecour
831b733dfe
minifirewall: nrpe/sudo config only if possible
2 years ago
Jérémy Lecour
e984e46b83
minifirewall: nagios plugins directory is configurable
2 years ago
Jérémy Lecour
03c53433d6
Add minifirewall_status and check_minifirewall
minifirewall_status returns "started" on stdout and exit code 0, or "stopped" on stdout and exit code 1. The state of minifirewall is determined by looking for common iptables rules applied by minifirewall.
check_minifirewall is an NRPE plugin for minifirewall. It returns:
* 0 (OK) if the firewall state is consistent with its configuration (from the alert5 script)
* 1 (WARNING) if the firewall is started but alert5 is not configured properly
* 2 (CRITICAL) if the firewall is not running but it should be.
2 years ago
Romain Dessort
0f12501760
Add security-cdn.debian.org to HTTPSITES whitelist
Debian migrated its security.debian.org repository to Fastly CDN
(security-cdn.debian.org) so we have to whitelist it too to make
security upgrades possible.
3 years ago
Jérémy Lecour
aeba94bcba
default/additional variables
The list of hosts/IPs is a combination of 2 lists, allowing overrides
3 years ago
Ludovic Poujol
b90260ae28
minifirewall: Make outgoing SSH in IPv6 work
3 years ago
Jérémy Lecour
0dfc66683a
remove zidane.evolix.net from minifirewall
3 years ago
Jérémy Lecour
bcd3553cbb
minifirewall: add debug for variables
3 years ago
Jérémy Lecour
8ef9554746
Combine evolix and additional trusted IP addresses
3 years ago
Jérémy Lecour
97b0225232
Minifirewall can deal with evomaintenance
Each role has to know how to deal with the other.
Otherwise, depending on order of execution, the firewall might not
allow connections for evomaintenance
3 years ago
Jérémy Lecour
98c5619721
minifirewall: install dependencies in install.yml
3 years ago
Jérémy Lecour
3d7a544820
minifirewall: restore default ports
Copied from
https://forge.evolix.org/projects/minifirewall/repository/revisions/master/entry/minifirewall.conf
3 years ago
Gregory Colpart
b4130797cb
ensure iptables is installed
3 years ago
Jérémy Lecour
685282bf93
minifirewall: fallback when no trusted ip is provided
3 years ago
Gregory Colpart
409ac0d503
adjust minifirewall default config (mostly let port 22 in public port to avoid failure during Ansible connection)
3 years ago
Jérémy Lecour
c97110f865
minifirewall: embed files instead of git clone
3 years ago
Jérémy Lecour
fc2bd395b9
Minifirewall: install Git for tests
3 years ago
Jérémy Lecour
b2278a151c
minifirewall: merge the "tail" pattern back into the main role
3 years ago
Gabriel Periard-Tremblay
87ebadcadd
Kitchen: Change base image to evolix/ansible
3 years ago
Jérémy Lecour
64fef56166
Minifirewall: add some context for tests
3 years ago
Jérémy Lecour
9fae99f8dc
Minor syntax and whitespaces fixes
3 years ago
Jérémy Lecour
033ebaa593
Add tests for many roles
3 years ago
Victor LABORIE
584fdafa7e
minifirewall: fix config file right
3 years ago
Tristan Pilat
04a718c159
Add autostart option
3 years ago
Jérémy Lecour
86372199ec
minifirewall: simplify debug
3 years ago
Jérémy Lecour
cda0932aad
whitespaces
3 years ago
Jérémy Lecour
5b2ab0d8d3
Ansible >= 2.2 supported
3 years ago
Jérémy Lecour
5efb9b04e1
Minifirewall: ensure that at least 1 trusted IP is provided
3 years ago