dustin
/
configpolicy
1
1
Fork 0
Code Issues Releases Activity
configpolicy/roles
History
Dustin c88ee8bd99 dch-gw: Restrict traffic from Management network 
Traffic from the management network is not allowed except for specific
services. NTP is required of course, for time synchronization with the
pyrocufflink.blue domain controllers. RADIUS is necessary for WiFi
authentication, which is also handled by the DCs.
 		2018-07-15 12:16:43 -05:00
..
ansible/tasks roles/ansible: Install python-netaddr 2018-04-08 12:33:54 -05:00
apache roles/apache: Support setting ServerTokens 2018-06-23 14:42:45 -05:00
base roles/base: Basic config management support 2018-01-29 15:02:10 -06:00
certbot roles/certbot: Support using existing account data 2018-06-23 13:44:34 -05:00
dch-gw dch-gw: Restrict traffic from Management network 2018-07-15 12:16:43 -05:00
dch-openvpn-server roles/dch-openvpn-server: Add FireMon Mgmt subnet 2018-07-14 19:16:40 -05:00
dch-proxy roles/dch-proxy: Add OpenVPN backend 2018-07-01 15:17:14 -05:00
dch-vpn-server roles/dch-vpn-server: Deploy pyrocufflink VPN 2018-05-20 12:58:07 -05:00
dhcpcd dhcpd: Install and configure ISC DHCPD 2018-03-27 20:44:43 -05:00
dhcpd roles/dhcpd: Allow disabling DDNS per-subnet 2018-05-06 13:38:15 -05:00
freeradius roles/freeradius: Optimize defaults cleanup 2018-05-06 18:39:39 -05:00
gitea roles/gitea: Allow configuring clone URLs 2018-06-04 20:03:55 -05:00
haproxy roles/haproxy: Basic setup for HAproxy 2018-06-12 22:31:15 -05:00
hostname hostname: Also write /etc/hosts 2018-04-08 10:11:43 -05:00
jenkins-slave roles/jenkins-slave: Prepare host for Jenkins 2018-04-08 11:59:18 -05:00
kerberos roles/kerberos: Configure mit-krb5 2018-01-29 15:05:51 -06:00
named roles/named: Support global forwarders 2018-04-06 20:11:08 -05:00
nftables roles/nftables: Basic nftables configuration 2018-03-27 20:44:43 -05:00
nsswitch roles/nsswitch: Configure glibc name service 2018-03-11 18:16:17 -05:00
ntpd ntp: Initial PB and role to set up ntpd 2018-04-22 11:19:22 -05:00
postfix roles/postfix: Deploy Postfix MTA 2018-04-15 11:37:25 -05:00
postgresql-server roles/postgresql-server: Deploy PostgreSQL 2018-04-14 15:23:44 -05:00
radvd roles/radvd: Support multiple prefixes per network 2018-04-06 20:16:02 -05:00
rhel-network roles/rhel-network: Add static route support 2018-03-27 20:44:43 -05:00
samba roles/samba: Support selecting interfaces 2018-06-23 14:42:45 -05:00
samba-dc roles/samba-dc: Support configuring TLS 2018-05-28 15:24:34 -05:00
ssh-hostkeys roles/ssh-hostkeys: Add keys for jenkins0.p.b 2018-07-03 13:30:34 -05:00
sshd roles/sshd: Configure OpenSSH daemon 2018-06-06 21:44:28 -05:00
strongswan roles/strongswan: Base role for strongSwan setup 2018-05-20 12:56:27 -05:00
sudo roles/sudo: Configure sudo and policy 2018-03-11 18:16:17 -05:00
system-auth roles/system-auth: Configure PAM system authentication 2018-03-11 18:16:17 -05:00
trustca roles/trustca: Generic role for adding CA certs 2018-06-04 20:03:55 -05:00
winbind roles/winbind: Use ad idmap backend 2018-04-08 14:40:04 -05:00
zabbix-agent roles/zabbix: Respect host_uses_firewalld 2018-06-19 20:37:09 -05:00
zabbix-server roles/zabbix-server: Redirect HTTP -> HTTPS 2018-06-09 14:35:22 -05:00