Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
S
slapos.package
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Arnaud Véron
slapos.package
Commits
4ab4468f
Commit
4ab4468f
authored
Jul 21, 2017
by
Rafael Monnerat
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
local-frontend: Initiall Proof of concept
parent
a63a468a
Changes
8
Show whitespace changes
Inline
Side-by-side
Showing
8 changed files
with
70 additions
and
0 deletions
+70
-0
playbook/local-frontend.yml
playbook/local-frontend.yml
+9
-0
playbook/roles/shorewall/files/interfaces
playbook/roles/shorewall/files/interfaces
+4
-0
playbook/roles/shorewall/files/policy
playbook/roles/shorewall/files/policy
+7
-0
playbook/roles/shorewall/files/zones
playbook/roles/shorewall/files/zones
+6
-0
playbook/roles/shorewall/tasks/main.yml
playbook/roles/shorewall/tasks/main.yml
+12
-0
playbook/roles/shorewall/templates/masq
playbook/roles/shorewall/templates/masq
+3
-0
playbook/roles/shorewall/templates/rules
playbook/roles/shorewall/templates/rules
+12
-0
playbook/shorewall-frontend.yml
playbook/shorewall-frontend.yml
+17
-0
No files found.
playbook/local-frontend.yml
0 → 100644
View file @
4ab4468f
-
name
:
a play that runs entirely on the ansible host
hosts
:
127.0.0.1
connection
:
local
roles
:
-
{
role
:
package
,
package_name
:
radvd
,
package_state
:
present
}
-
{
role
:
package
,
package_name
:
dnsmasq
,
package_state
:
present
}
playbook/roles/shorewall/files/interfaces
0 → 100644
View file @
4ab4468f
###############################################################################
#ZONE INTERFACE BROADCAST OPTIONS
net eth0 detect routeback
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
playbook/roles/shorewall/files/policy
0 → 100644
View file @
4ab4468f
###############################################################################
#SOURCE DEST POLICY LOG LEVEL LIMIT:BURST
$FW net ACCEPT
net all ACCEPT
# The FOLLOWING POLICY MUST BE LAST
all all ACCEPT
#LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE
playbook/roles/shorewall/files/zones
0 → 100644
View file @
4ab4468f
##############################################################################
#ZONE TYPE OPTIONS IN OUT
# OPTIONS OPTIONS
fw firewall
net ipv4
#LAST LINE - ADD YOUR ENTRIES ABOVE THIS ONE - DO NOT REMOVE
playbook/roles/shorewall/tasks/main.yml
0 → 100644
View file @
4ab4468f
-
name
:
Copy files
copy
:
src={{ item }} dest=/etc/shorewall/{{ item }} mode=660
with_items
:
-
interfaces
-
policy
-
zones
-
name
:
copy templates
template
:
src={{ item }} dest=/etc/shorewall/{{ item }} mode=660
with_items
:
-
masq
-
rules
playbook/roles/shorewall/templates/masq
0 → 100644
View file @
4ab4468f
#INTERFACE SOURCE ADDRESS PROTO PORT
eth0:{{ local_ipv4 }} 0.0.0.0/0 {{ public_ipv4 }} tcp 4443
eth0:{{ local_ipv4 }} 0.0.0.0/0 {{ public_ipv4 }} tcp 8080
playbook/roles/shorewall/templates/rules
0 → 100644
View file @
4ab4468f
#############################################################################################################
#ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE USER/
# PORT PORT(S) DEST LIMIT GROUP
Ping/ACCEPT net $FW
# ssh (the most important thing...)
ACCEPT net $FW tcp 22
ACCEPT net $FW tcp 1194
# Access local slapos services
# slappart16
DNAT net $FW:{{ local_ipv4 }}:4443 tcp 443
DNAT net $FW:{{ local_ipv4 }}:8080 tcp 80
playbook/shorewall-frontend.yml
0 → 100644
View file @
4ab4468f
-
name
:
a play that runs entirely on the ansible host
hosts
:
127.0.0.1
connection
:
local
vars_prompt
:
-
name
:
"
local_ipv4"
prompt
:
"
IPv4
of
apache"
private
:
no
-
name
:
"
public_ipv4"
prompt
:
"
IPv4
on
eth0"
private
:
no
roles
:
-
shorewall
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment