os-proxies don't do keepalive anymore
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
This commit is contained in:
Patrick Uiterwijk
parent
377d73b75e
commit
a2acf45321
2 changed files with 3 additions and 9 deletions
|
|
@ -9,16 +9,10 @@ tcp_ports: [
|
|||
# For os routers
|
||||
80,
|
||||
443,
|
||||
# For haproxy status
|
||||
8080,
|
||||
# For ks8 api
|
||||
6443,
|
||||
# For machinectl api
|
||||
22623,
|
||||
# 9941 is closed generally, is for the inbound fedmsg and is covered in
|
||||
# custom_rules
|
||||
]
|
||||
|
||||
custom_rules: [
|
||||
# Needed for keepalived
|
||||
'-A INPUT -d 224.0.0.0/8 -j ACCEPT',
|
||||
'-A INPUT -p vrrp -j ACCEPT',
|
||||
]
|
||||
|
|
|
|||
|
|
@ -18,12 +18,12 @@
|
|||
|
||||
roles:
|
||||
- base
|
||||
- basessh
|
||||
- fas_client
|
||||
- rkhunter
|
||||
- nagios_client
|
||||
- collectd/base
|
||||
- sudo
|
||||
- keepalived
|
||||
|
||||
tasks:
|
||||
- import_tasks: "{{ tasks_path }}/2fa_client.yml"
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue