Jérémy Lecour
831b733dfe
minifirewall: nrpe/sudo config only if possible
2018-04-06 10:35:43 +02:00
Jérémy Lecour
e984e46b83
minifirewall: nagios plugins directory is configurable
2018-04-06 09:52:18 +02:00
Jérémy Lecour
03c53433d6
Add minifirewal_status and check_minifirewall
...
minifirewall_status returns "started" on stdout and exit code 0,
or "stopped" on stdout and exit code 1. The state of minifirewall
is determined by looking for common iptables rules applied by
minifirewall.
check_minifirewall is an NRPE plugin for minifirewall. It returns:
* 0 (OK) if the firewall state is consistent with its configuration
(from the alert5 script)
* 1 (WARNING) if the firewall is started but alert5 is not configured
properly
* 2 (CRITICAL) if the firewall is not running but it should be.
2018-04-06 09:52:18 +02:00
Jérémy Lecour
bcd3553cbb
minifirewall: add debug for variables
2017-11-26 12:32:33 +01:00
Jérémy Lecour
97b0225232
Minifirewall can deal with evomaintenance
...
Each role has to know how to deal with the other.
Otherwise, depending on order of execution, the firewall might not
allow connections for evomaintenance
2017-10-08 00:00:24 +02:00
Jérémy Lecour
98c5619721
minifirewall: install dependencies in install.yml
2017-10-08 00:00:24 +02:00
Gregory Colpart
b4130797cb
ensure iptables is installed
2017-09-29 01:43:31 +02:00
Jérémy Lecour
685282bf93
minifirewall: fallback when no trusted ip is provided
2017-09-14 14:26:44 +02:00
Jérémy Lecour
c97110f865
minifirewall: embed files instead of git clone
2017-07-27 22:55:07 -04:00
Jérémy Lecour
b2278a151c
minifirewall: merge the "tail" pattern back into the main role
2017-07-13 15:06:49 +02:00
Jérémy Lecour
9fae99f8dc
Minor syntax and whitespaces fixes
2017-05-19 22:29:53 +02:00
Victor LABORIE
584fdafa7e
minifirewall: fix config file right
2017-05-02 17:50:40 +02:00
Tristan PILAT
04a718c159
Add autostart option
2017-05-02 10:56:12 +02:00
Jérémy Lecour
86372199ec
minifirewall: simplify debug
2017-04-11 16:13:53 +02:00
Jérémy Lecour
cda0932aad
whitespaces
2017-03-30 16:05:46 +02:00
Jérémy Lecour
5b2ab0d8d3
Ansible >= 2.2 supported
2017-03-24 14:15:09 +01:00
Jérémy Lecour
5efb9b04e1
Minifirewall: ensure that at least 1 trusted IP is provided
2017-03-22 18:12:30 +01:00
Jérémy Lecour
1f653b1fdc
minifirewall: the return of the comments
2017-01-31 17:44:31 +01:00
Jérémy Lecour
dd432a9c11
minifirewall: restart manually (systemd unit is not working)
2017-01-31 17:43:10 +01:00
Jérémy Lecour
0273f2ad56
minifirewall: debug for current status
2017-01-31 17:42:32 +01:00
Jérémy Lecour
277de88d44
minifirewall: command → shell
2017-01-31 17:41:33 +01:00
Jérémy Lecour
8920ff1ee4
Add "always_run: yes" where it's pertinent
...
There is also the "check_mode: no", but commented,
for when we switch to Ansible 2.2
2017-01-31 11:45:35 +01:00
Jérémy Lecour
82a4faa578
Minifirewall: disable check_mode for status check
2017-01-10 14:35:26 +01:00
Jérémy Lecour
caf929b45b
minifirewall: forgot a double quote
2017-01-09 16:47:07 +01:00
Jérémy Lecour
8cc7a032c2
minifirewall: restart if needed
2017-01-09 16:38:59 +01:00
Jérémy Lecour
9570efcaed
Minifirewall: extend configuration abilities with blocks
2017-01-06 15:50:48 +01:00
Jérémy Lecour
c0ab8f99ce
Squash: conventions, evolinux, etc-git…
2016-12-21 16:12:30 +01:00