Merge branch 'master' of /home/hugo/puppet into production

author: Hugo Hörnquist <hugo@lysator.liu.se> 2021-12-29 20:13:55 +0100
committer: Hugo Hörnquist <hugo@lysator.liu.se> 2021-12-29 20:13:55 +0100
commit: d04542e000b8f8fadce45af96d93fb904ca99115 (patch)
tree: e85ee2bb0472d9f83f051f31d2629bf4c96bb755 /modules/profiles/manifests/firewall.pp
parent: Setup new site.pp. (diff)
parent: Migrate stuff from ansible. (diff)
download: webdav_server-d04542e000b8f8fadce45af96d93fb904ca99115.tar.gz
webdav_server-d04542e000b8f8fadce45af96d93fb904ca99115.tar.xz
1 files changed, 19 insertions, 0 deletions
diff --git a/modules/profiles/manifests/firewall.pp b/modules/profiles/manifests/firewall.pp
new file mode 100644
index 0000000..6c9d7e6
--- /dev/null
+++ b/modules/profiles/manifests/firewall.pp
@@ -0,0 +1,19 @@
+class profiles::firewall {
+	ensure_packages ([
+		'iptables-persistent',
+		'fail2ban',
+	], { ensure => installed })
+
+	file { '/etc/iptables/rules.v4':
+		source => 'puppet:///modules/profiles/firewall/rules.v4',
+	} ~> exec { 'reload firewall':
+		command => '/usr/share/netfilter-persistent/plugins.d/15-ip4tables restart',
+		refreshonly => true,
+	}
+
+	service { 'fail2ban':
+		ensure => running,
+		enable => true,
+	}
+
+}
author	Hugo Hörnquist <hugo@lysator.liu.se>	2021-12-29 20:13:55 +0100
committer	Hugo Hörnquist <hugo@lysator.liu.se>	2021-12-29 20:13:55 +0100
commit	d04542e000b8f8fadce45af96d93fb904ca99115 (patch)
tree	e85ee2bb0472d9f83f051f31d2629bf4c96bb755 /modules/profiles/manifests/firewall.pp
parent	Setup new site.pp. (diff)
parent	Migrate stuff from ansible. (diff)
download	webdav_server-d04542e000b8f8fadce45af96d93fb904ca99115.tar.gz webdav_server-d04542e000b8f8fadce45af96d93fb904ca99115.tar.xz