Sha256: aa8051d6dc59504a3f1b5029fb924ee878e0eb749ed4867504d05c314ca9111f
Contents?: true
Size: 1.09 KB
Versions: 4
Compression:
Stored size: 1.09 KB
Contents
module Pvcglue
class Packages
class Firewall < Pvcglue::Packages
# Reference: http://manpages.ubuntu.com/manpages/xenial/en/man8/ufw-framework.8.html
# Examples: https://help.ubuntu.com/community/UFW
def installed?
result = connection.run_get_stdout!(:root, '', 'ufw status verbose')
result =~ /Status: active/ && result =~ /Default: deny \(incoming\), allow \(outgoing\)/
end
def install!
connection.run!(:root, '', 'ufw disable; ufw --force reset; ufw allow ssh; ufw --force enable')
# connection.run!(:root, '', 'ufw logging off')
connection.run!(:root, '', 'ufw logging low')
if has_role?(:lb)
connection.run!(:root, '', 'ufw allow http')
connection.run!(:root, '', 'ufw allow https')
end
unless has_role?(:manager)
minion.cloud.minions.each do |other_minion_name, other_minion|
next if other_minion_name == minion.machine_name
connection.run!(:root, '', "ufw allow from #{other_minion.private_ip}")
end
end
end
end
end
end
Version data entries
4 entries across 4 versions & 1 rubygems