33 Commits

Author SHA1 Message Date
Andrea Dell'Amico 8156a3883b Change the iptables rules.v4 template to support specific policies and to automatically reject the traffic for not allowed addresses. 2018-11-27 18:27:53 +01:00
Andrea Dell'Amico 7f46f6f88e library/roles/iptables/templates/iptables-rules.v4.j2: Firewall rules for prometheus. 2018-02-07 16:52:55 +01:00
Andrea Dell'Amico d1672fe4fb library/roles/iptables/templates/iptables-rules.v4.j2: Do not fail if ganglia_unicast_mode is not defined. 2018-01-25 20:17:58 +01:00
Andrea Dell'Amico 69f14daa94 library/roles/iptables/templates/iptables-rules.v4.j2: Fix a conditional. 2018-01-16 17:03:54 +01:00
Andrea Dell'Amico 56fc118e9d iptables: in the tcp or udp rules, the allowed_hosts variables can be a list. 2017-10-20 17:46:21 +02:00
Andrea Dell'Amico 892a05256a library/roles/iptables/templates/iptables-rules.v4.j2: Fix a mistake where the task failed when psql_db_data was not defined. 2017-03-07 13:12:01 +01:00
Andrea Dell'Amico ba12f3dba8 library/roles/iptables/templates/iptables-rules.v4.j2: Fix a typo. 2016-12-14 18:32:05 +01:00
Andrea Dell'Amico d32a1e99c6 library/roles/iptables/templates/iptables-rules.v4.j2: Add a rule to add ANY rules. 2016-12-14 16:09:39 +01:00
Andrea Dell'Amico 86b510e7d5 d4science-ghn-cluster: New variables to cover the orientdb configuration.
library/roles/iptables/templates/iptables-rules.v4.j2: rule to support orientdb multicast configuration.
library/roles/orientdb: Template all the configuration files. Move the database and log directory out of the distribution.
2016-09-28 19:19:51 +02:00
Andrea Dell'Amico 80132d9e80 library/roles/iptables/templates/iptables-rules.v4.j2: The tomcat cluster rules need more flexibility. 2016-09-12 11:56:19 +02:00
Andrea Dell'Amico 36d88eb220 library/roles/iptables/templates/iptables-rules.v4.j2: Do not duplicate the http (port 80) rule when letsencrypt is active. 2016-08-04 16:56:59 +02:00
Andrea Dell'Amico 487572aa6e library/roles/ganglia: Change templates and defaults to support a unicast configuration.
library/roles/iptables: Rules to support a ganglia configuration that runs over unicast and not multicast.
2016-07-12 19:15:00 +02:00
Andrea Dell'Amico 2544a66b68 library/roles/iptables/templates/iptables-rules.v4.j2: If we are going to install letsencrypt, open the port 80/tcp to the world. 2016-07-12 15:33:46 +02:00
Andrea Dell'Amico a4159b2769 library/roles/iptables: Rules for the keepalived communications.
library/roles/keepalived: Role that installs and configures keepalived. The template is specific for the haproxy use case.
2016-07-05 18:29:03 +02:00
Andrea Dell'Amico d975326a1b library/roles/iptables/templates/iptables-rules.v4.j2: More conditionals for the postgres and mysql rules. 2016-06-22 18:02:28 +02:00
Andrea Dell'Amico b465587c3c library/roles/iptables/templates/iptables-rules.v4.j2: fix the template so that it manages NAT correctly. 2016-06-11 16:56:12 +02:00
Andrea Dell'Amico 1dbe0c9209 library/roles/iptables: Manage NAT and different defaults for INPUT and FORWARD chains. 2016-06-11 15:24:48 +02:00
Andrea Dell'Amico 93de42a333 d4science-ghn-cluster: new infra dev VM. liferay cluster.
library/roles/iptables: snippet for the multicast part of tomcat clustering.
2016-05-25 15:56:05 +02:00
Andrea Dell'Amico 7a4e60ff33 library/roles/iptables/templates/iptables-rules.v4.j2: move the blacklist rules before anything else. 2015-10-23 19:45:07 +02:00
Andrea Dell'Amico aa1ad48c46 library/roles/iptables: Support for blacklists of ip/networks. Optionally with associated protocol, source port and destination port. 2015-10-23 16:01:53 +02:00
Andrea Dell'Amico 97e9d1d055 library/roles/iptables/templates/iptables-rules.v4.j2: Do not assume that the variables that rule specific services are defined.
dnet-efg/portal.yml: Add the basic steps to install drupal.
2015-10-15 18:43:28 +02:00
Andrea Dell'Amico 8e104cec4a library/vars/isti-global.yml: Install and configure munin by default. 2015-10-14 14:47:23 +02:00
Andrea Dell'Amico 478dba36c0 dnet-openaire/group_vars/parthenos_mapping_dev/mapping.yml: Do not setup the SMTP relay iptables rules 2015-10-12 11:13:53 +02:00
Andrea Dell'Amico e090edee15 infrastructure-services/group_vars/all/all.yml: remove redundant variables. 2015-10-10 09:03:24 +02:00
Andrea Dell'Amico 304a25e564 library/roles/iptables: do not set ganglia or nagios rules if not explicitly told.
d4science-ghn-cluster/roles/smartgears: specific tasks to manage the egi images
d4science-ghn-cluster/roles/smartgears/templates/smartgears-setup.sh.j2: script to setup the container when the image is first activated.
2015-10-07 14:48:22 +02:00
Andrea Dell'Amico 10441129fc library/roles/dnet_user_services_perms: Manage more directories. Logs in /var/log/dnet
library/roles/iptables/templates/iptables-rules.v6.j2: Fix the reject options
library/roles/tomcat: Install a catalina.properties that matches the one used by the multiple instances role
library/roles/tomcat/templates/tomcat-server.xml.j2: Do not generate a random password when the shutdown port is disabled
2015-07-16 13:25:02 +02:00
Andrea Dell'Amico 6eb98527ba library/roles/iptables/templates/iptables-rules.v4.j2: manage multiple IPs for the nagios server.
library/roles/iptables/templates/iptables-rules.v6.j2: set the same policy used by the ipv4 rules.
2015-07-15 13:59:23 +02:00
Andrea Dell'Amico e1180b39a7 library/roles/mysql: better backup script. Now supports nagios and a retain interval.
library/roles/iptables: special case for ldap.
library/roles/openldap-server: first bits of an openldap role
2015-07-14 00:30:49 +02:00
Andrea Dell'Amico d37840100e Various fixes to the library roles. 2015-07-13 14:17:42 +02:00
Andrea Dell'Amico e53c5a3f63 library/roles/postgresql: Fix the configuration tasks to use the configfile module
library/roles/iptables: Create rules for postgresql even if the service listens on localhost only.
2015-06-22 14:49:59 +02:00
Andrea Dell'Amico d69a92292c library: small fixes.
d4science-gcube/roles/mediawiki_setup/templates/nginx-mediawiki.j2: First attempt at a nginx ssl config.
2015-06-14 23:39:13 +02:00
Andrea Dell'Amico b9d50790cd d4science-ghn-cluster: We now manage the iptables firewall on the mongodb cluster.
library/roles: separate task that sets the hostname
library/vars/isti-global.yml: add the d4science partners networks as a common variable.
2015-06-11 16:32:01 +02:00
Andrea Dell'Amico 73d37f81a6 Major refactoring. Moved all the library roles under 'library/roles' and changed all the occurrences inside all the playbooks. 2015-05-28 11:32:57 +02:00