Revert "os-proxies don't do keepalive anymore"
This reverts commit a2acf45321.
This commit is contained in:
Patrick Uiterwijk
parent
d75ad4c1b7
commit
5613ca9e80
2 changed files with 11 additions and 3 deletions
|
|
@ -9,10 +9,18 @@ tcp_ports: [
|
||||||
# For os routers
|
# For os routers
|
||||||
80,
|
80,
|
||||||
443,
|
443,
|
||||||
# For haproxy status
|
|
||||||
8080,
|
|
||||||
# For ks8 api
|
# For ks8 api
|
||||||
6443,
|
6443,
|
||||||
|
# For haproxy status
|
||||||
|
8080,
|
||||||
# For machinectl api
|
# For machinectl api
|
||||||
22623,
|
22623,
|
||||||
|
# 9941 is closed generally, is for the inbound fedmsg and is covered in
|
||||||
|
# custom_rules
|
||||||
|
]
|
||||||
|
|
||||||
|
custom_rules: [
|
||||||
|
# Needed for keepalived
|
||||||
|
'-A INPUT -d 224.0.0.0/8 -j ACCEPT',
|
||||||
|
'-A INPUT -p vrrp -j ACCEPT',
|
||||||
]
|
]
|
||||||
|
|
|
||||||
|
|
@ -18,12 +18,12 @@
|
||||||
|
|
||||||
roles:
|
roles:
|
||||||
- base
|
- base
|
||||||
- basessh
|
|
||||||
- fas_client
|
- fas_client
|
||||||
- rkhunter
|
- rkhunter
|
||||||
- nagios_client
|
- nagios_client
|
||||||
- collectd/base
|
- collectd/base
|
||||||
- sudo
|
- sudo
|
||||||
|
- keepalived
|
||||||
|
|
||||||
tasks:
|
tasks:
|
||||||
- import_tasks: "{{ tasks_path }}/2fa_client.yml"
|
- import_tasks: "{{ tasks_path }}/2fa_client.yml"
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue