Infrastructure/ansible
3
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions

Cull global packages, add ansible accel mode to kojibuilders.

Browse source
This commit is contained in:
Kevin Fenzi 2014-01-24 22:27:34 +00:00
parent de9c00f1ba
commit 588722a9e8
2 changed files with 8 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

6
roles/base/templates/iptables/iptables.kojibuilder
View file

@ -47,6 +47,12 @@
-A INPUT -p tcp -m tcp -s 10.5.0.0/16 --dport 22 -j ACCEPT
-A OUTPUT -p tcp -m tcp -d 10.5.0.0/16 --sport 22 -j ACCEPT
# for ansible accelerate mode - allow port 5099 from lockbox and it's ips
-A INPUT -p tcp -m tcp --dport 5099 -s 192.168.1.58 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 5099 -s 10.5.126.23 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 5099 -s 10.5.127.51 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 5099 -s 209.132.181.6 -j ACCEPT
# git to pkgs
-A OUTPUT -m tcp -p tcp --dport 9418 -d 10.5.125.44 -j ACCEPT
-A OUTPUT -m udp -p udp --dport 9418 -d 10.5.125.44 -j ACCEPT

4
vars/global.yml
View file

@ -24,8 +24,8 @@ f20_qcow_id: ami-00000038
hostbase: transient
# root_auth_users for cloud instances is '' by default
root_auth_users: ''
global_pkgs_inst: ['bind-utils', 'joe', 'mailx', 'nc', 'openssh-clients',
'patch', 'postfix', 'rsync', 'strace', 'telnet',
global_pkgs_inst: ['bind-utils', 'mailx', 'nc', 'openssh-clients',
'patch', 'postfix', 'rsync', 'strace',
'tmpwatch', 'traceroute', 'vim-enhanced', 'xz', 'zsh',
'libselinux-python', 'ntpdate' ]