From 97e9d1d05591b77d532fc67a4add7f1680ab1757 Mon Sep 17 00:00:00 2001 From: Andrea Dell'Amico Date: Thu, 15 Oct 2015 18:42:08 +0200 Subject: [PATCH] library/roles/iptables/templates/iptables-rules.v4.j2: Do not assume that the variables that rule specific services are defined. dnet-efg/portal.yml: Add the basic steps to install drupal. --- iptables/templates/iptables-rules.v4.j2 | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/iptables/templates/iptables-rules.v4.j2 b/iptables/templates/iptables-rules.v4.j2 index 1b55c9cb..270556dd 100644 --- a/iptables/templates/iptables-rules.v4.j2 +++ b/iptables/templates/iptables-rules.v4.j2 @@ -133,6 +133,7 @@ {% endif %} {% endif %} +{% if nagios_enabled is defined %} {% if nagios_enabled %} {% if nagios_monitoring_server_ip is defined %} {% for ip in nagios_monitoring_server_ip %} @@ -143,7 +144,9 @@ {% endfor %} {% endif %} {% endif %} +{% endif %} +{% if configure_munin is defined %} {% if configure_munin %} {% if munin_server %} {% for ip in munin_server %} @@ -152,7 +155,9 @@ {% endfor %} {% endif %} {% endif %} +{% endif %} +{% if ganglia_enabled is defined %} {% if ganglia_enabled %} {% if ganglia_gmond_cluster_port is defined %} # Ganglia @@ -166,7 +171,9 @@ -A INPUT -s {{ ganglia_gmetad_host }} -p udp -m udp --dport {{ ganglia_gmond_cluster_port }} -j ACCEPT {% endif %} {% endif %} +{% endif %} +{% if postfix_relay_server is defined %} {% if postfix_relay_server %} # # These are only needed on the machines that act as relay servers 
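Review bot: The new `{% if nagios_enabled is defined %}` wrapper in the `@@ -133,6 +133,7 @@` hunk adds a second nesting level whose matching `{% endif %}` only appears in the next hunk, which makes block pairing harder to audit in a firewall template. A single test, `{% if nagios_enabled is defined and nagios_enabled %}`, expresses the same condition without the extra `endif`, and it is the form this commit already uses for the relay-client test. The same applies to the `configure_munin`, `ganglia_enabled` and `postfix_relay_server` wrappers in the following hunks.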
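Review bot: In the `@@ -143,7 +144,9 @@` hunk, `{% if munin_server %}` directly below the new `configure_munin is defined` guard still reads a variable with no `is defined` test. A host that sets `configure_munin` but not `munin_server` is therefore not covered by this change. Depending on how undefined variables are handled in this setup, rendering either aborts or silently emits no munin rules. `{% if munin_server is defined and munin_server %}` would match the nagios block, which already tests `nagios_monitoring_server_ip is defined`. The body of the `for ip in munin_server` loop lies outside the hunk.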
@@ -181,7 +188,9 @@ -A OUTPUT -p tcp -m multiport --dports 25,587,465 -m state --state NEW -j LOG --log-prefix "LOCAL_DROPPED_SPAM " --log-uid -A OUTPUT -p tcp -m multiport --dports 25,587,465 -j DROP {% endif %} -{% if not postfix_relay_server %} +{% endif %} +{% if postfix_relay_server is defined and not postfix_relay_server %} +{% if postfix_relay_client is defined%} {% if postfix_relay_client %} # # When we are not a relay server but we want send email using our relay @@ -191,6 +200,7 @@ -A OUTPUT -p tcp -m multiport --dports 25,587,465 -j DROP {% endif %} {% endif %} +{% endif %} {% if iptables is defined %} {% if iptables.tcp_rules is defined and iptables.tcp_rules %}
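Review bot: With `{% if postfix_relay_server is defined and not postfix_relay_server %}`, a host where `postfix_relay_server` is undefined now skips the whole relay-client block. That block includes the `-A OUTPUT -p tcp -m multiport --dports 25,587,465 -j DROP` rule visible at its end in the next hunk. Omitting the variable therefore removes the outbound SMTP restriction without any error, even when `postfix_relay_client` is set. If an undefined value is meant to be read as "not a relay server", the test should be `{% if postfix_relay_server is not defined or not postfix_relay_server %}`. The added `{% if postfix_relay_client is defined%}` is also missing the space before `%}`, and the block it opens closes in the following hunk.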