Vladimir Timofeenko
542f562c41
Added molecule tests for Gentoo
...
This commit adds molecule tests for Gentoo.
Since the tests run inside docker and on systemd system, the host system
also needs to run systemd.
The tests create volumes in /srv/ so that artifacts that take a long
time to build and synchronize are reused between test runs.
This specific commit also fixes the error in ipr-cnrs/nftables#24
2021-08-20 16:50:28 -07:00
Jeremy Gardais
68c5d4e9f7
Remove recurse on fail2ban custom directory
...
Molecule idempotence test
2021-08-18 16:02:22 +02:00
Jeremy Gardais
34c2668912
Fix systemd directories permissions
2021-08-13 11:52:04 +02:00
Jeremy Gardais
1a5e044ebb
Move systemd "Protect" options to override file
...
Rebase after Gentoo related commits
2021-08-13 11:51:54 +02:00
Jeremy Gardais
477f4f722c
Ensure to disable nftables unit from old target
2021-08-13 11:50:41 +02:00
Jeremy Gardais
ac61739f91
Automatically add overrides for fail2ban unit
2021-08-13 11:50:40 +02:00
Jeremy Gardais
28cf15ee42
Manage Fail2ban in the "systemd way"
...
Thanks to @FinweVI !
Rebase after Gentoo related commits
2021-08-13 11:48:27 +02:00
Paweł Krawczyk
3b55e70281
Remove empty lines (yamllint)
2021-08-07 23:35:43 +01:00
Paweł Krawczyk
06c594f11b
Debug os family detection in GitHub Actions
2021-08-07 13:32:43 +01:00
Paweł Krawczyk
6084cfce83
Add task names as required by ansible-lint
2021-08-07 12:18:09 +01:00
Paweł Krawczyk
8fad9d75fd
Update cache on package install
2021-08-07 11:47:32 +01:00
Jeremy Gardais
7639f2bbbf
Merge branch 'backup_toggle' of https://github.com/p-rintz/nftables into p-rintz-backup_toggle
2021-03-12 09:54:06 +01:00
Philipp Rintz
ab5c105419
Make config backup configurable by using nft_backup_conf variable.
2021-03-12 09:28:45 +01:00
Jeremy Gardais
60b7d49555
Merge branch 'feature_forwarding' of https://github.com/p-rintz/nftables into p-rintz-feature_forwarding
2021-03-09 18:02:31 +01:00
Philipp Rintz
e0658c0661
Added the option to manage the forwarding firewall table.
2021-03-03 13:57:36 +01:00
Jeremy Gardais
4576ec6ed4
Ansible-lint: Fix line longer than 160 chars
2021-01-05 15:58:43 +01:00
Philipp Rintz
19ee0ed2bc
Change variable names + add debug toggle.
2020-12-30 17:15:14 +01:00
Philipp Rintz
b3e26a435e
Allow for undefined group variables for merged_groups.
2020-12-01 16:17:01 +01:00
Philipp Rintz
2b61973d1c
Fix error when variables were empty
2020-11-11 15:27:08 +01:00
Philipp Rintz
290a86e906
Support merged firewall rules for multiple groups per host.
...
- Multiple groups for a single server will now lead to all firewall
rules being merged instead of overwritten.
2020-11-10 21:17:11 +01:00
Jeremy Gardais
221de0cc89
Reload nftables service to apply new rules
...
Fix #3 Github
2020-04-21 09:53:57 +02:00
Julien Viard de Galbert
5394cedc2a
Fix deprecation warning with ansible 2.7
...
[DEPRECATION WARNING]: Invoking "apt" only once while using a loop via
squash_actions is deprecated. Instead of using a loop to supply multiple
items and specifying `name: "{{ item }}"`, please use
`name: ['{{ nft_old_pkg_list }}']` and remove the loop.
This feature will be removed in version 2.11.
Signed-off-by: Julien Viard de Galbert <julien@vdg.name>
2019-05-07 00:00:48 +02:00
Jeremy Gardais
63b3bb2c13
Generate Nat table rules files
2019-04-16 15:48:30 +02:00
Jeremy Gardais
a5199dc0f2
Clean tasks name and comments in tasks/main.yml file
2019-04-16 14:10:11 +02:00
Jeremy Gardais
7ace36ed6e
Fix E405 Remote package tasks should have a retry
2019-02-27 13:31:25 +01:00
Jeremy Gardais
2dcf0ab10e
Use to_nice_json to manage packages list
2019-02-27 13:28:27 +01:00
Jeremy Gardais
485f7fa83d
Move two task in systemd handler (try to fix #1 )
...
Try to fix the long delay at the first run.
2018-07-25 15:08:44 +02:00
Jeremy Gardais
bf9080fcb3
Set a variable to enable/disable Nftables
2018-05-16 14:38:33 +02:00
Jeremy Gardais
0a909641b5
Reload systemd daemons only if unit file change.
2018-02-06 17:28:41 +01:00
Jeremy Gardais
eb93ff65f9
Provide the systemd unit.
2018-02-06 17:17:48 +01:00
Jeremy Gardais
f2d586c176
Ensure to remove old packages (iptables,…).
2017-08-18 09:25:28 +02:00
Jeremy Gardais
e439f6ae5f
Ensure to create the the directory to store the differents configuration files (/etc/nftables.d).
2017-08-18 09:18:43 +02:00
Jeremy Gardais
f5f4b83a84
Manage nftables service at startup.
2017-08-09 14:27:07 +02:00
Jeremy Gardais
c711ec53eb
Move output rules to a specific file.
2017-08-08 15:35:05 +02:00
Jeremy Gardais
043bc55dcb
Manage sets and maps definitions in a specific file.
2017-08-08 14:32:59 +02:00
Jeremy Gardais
f1d2f6582f
Add possibility to have nftables vars.
2017-08-08 12:11:58 +02:00
Jeremy Gardais
5ff44ffcfa
Move input rules to a specific file.
2017-08-07 17:37:41 +02:00
Jeremy Gardais
1c1013067d
Notify `nftables` service when configuration file is modified.
2017-08-07 14:14:14 +02:00
Jeremy Gardais
bc6f69fc59
Generate main configuration file.
2017-08-07 13:48:54 +02:00
Jeremy Gardais
df57dc8042
Install nftables.
2017-08-07 12:09:13 +02:00