Commit Graph

963 Commits (d198d025de7aaecb0ae63335d31947da017a1b00)

Author SHA1 Message Date
Chris Lamb 8d7d070201 system/ufw.py: Add security warning re. removing ufw application prof…
It's not particularly obvious that removing an application will remove it
from ufw's own state, potentially leaving ports open on your box if you
upload your configuration.

Whilst this applies to a lot of things in Ansible, firewall rules might
cross some sort of line that justifies such a warning in his instance.

Signed-off-by: Chris Lamb <chris@chris-lamb.co.uk>
9 years ago
codehopper-uk aa29a4fd9c Basic ability to set masquerade options from ansible, according to current code design/layout (mostly) (#2017)
* Support for masquerade settings

Ability to enable and disable masquerade settings from ansible via:
- firewalld: mapping=masquerade state=disabled permanent=true zone=dmz

Placeholder added (mapping) to support masquerade and port_forward
choices initially - port_forward not implemented yet.

* Permanent and Immediate zone handling differentiated

* Corrected naming abstraction for masquerading functionality

Removed mapping tag with port_forward choices - not applicable!

* Added version info for new masquerade option

Pull Request #2017 failing due to missing version info
9 years ago
Michael Scherer ff74fc0072 Remove the +x from crypttab and cronvar (#2039)
While this change nothing, it is better to enforce consistency
9 years ago
Jasper Lievisse Adriaanse 2b8debbc2b Sprinkle some LANG/LC_* where command output is parsed (#2019) 9 years ago
Michael Scherer 2dbfdaa88b Remove dead code (#1303)
The review on https://github.com/ansible/ansible-modules-extras/pull/1303
show the problem was already fixed, so we just need to remove the
code.
9 years ago
kubilus1 773d402eac Unchecked index causes IndexError. 9 years ago
Monty Taylor 38c8fec277 Merge pull request #1149 from Jmainguy/puppet_stdout
Enable stdout and stderr on sucessful runs, making show_diff useable
9 years ago
René Moser fc79c8820e Merge pull request #1971 from insom/devel
Add `to_destination` parameter to iptables
9 years ago
Vlad Gusev f1175693f6 system/puppet: add --tags parameter (#1916)
* system/puppet: add --tags parameter

--tags [1] is used to apply a part of the node’s catalog.

In puppet:
puppet agent --tags update,monitoring

In ansible:
puppet: tags=update,monitoring

[1] https://docs.puppetlabs.com/puppet/latest/reference/lang_tags.html#restricting-catalog-runs

* Add example of tag usage.

* system/puppet: add list type for a tags dict.
9 years ago
Aaron Brady e2138c7e14 Add `to_destination` parameter 9 years ago
Chulki Lee f3c168594a osx_defaults: fix datetime
Fix #1742
9 years ago
René Moser daddc7caf4 Merge pull request #1478 from m0/firewalld_interface
Extends firewalld module with ability to add/remove interfaces to/from zones
9 years ago
David Hocky 031f98e86c fix dscp marking documentation in iptables module 9 years ago
René Moser 241dba1ee7 Merge pull request #1555 from LuckyGeck/devel
Added reject_with and uid_owner support to iptables module
9 years ago
Linus Unnebäck 7def4b01f5 make: move down ansible import 9 years ago
Linus Unnebäck b328feccb1 make: add empty return docs 9 years ago
Linus Unnebäck a0aef208b6 module: system/make 9 years ago
Pavel Sychev eda178a988 Added version restriction for uid_owner and reject_with. 9 years ago
Pavel Sychev c15dcf888b Added docs for reject_with and uid_owner. 9 years ago
Pavel Sychev 12890b14b2 Added reject_with and uid_owner support. 9 years ago
René Moser 0a65ddb3b1 Merge pull request #1641 from EmilienM/puppet/execute
system/puppet: allow to run puppet -e
9 years ago
Brian Coca 10e70b5f48 Merge pull request #1874 from mscherer/better_verif_alternatives
Add proper type to path and link
9 years ago
Michael Scherer 8c53e654f7 Add proper type to path and link
Since both of them are path, it should be checked using the
proper type.
9 years ago
Rene Moser 87599fd2ee osx_defaults: doc fix, add version_added for host agrument
See #1364
9 years ago
René Moser 4543d5838f Merge pull request #1364 from wincent/os-x-defaults-host
osx_defaults: add "host" attribute
9 years ago
Rene Moser f80865d32a lvol: remove unused import
See #1425
9 years ago
René Moser d159e6af34 Merge pull request #1425 from jonasvermeulen/devel
Added resizing code based on %-values
9 years ago
Michael Scherer 6b2bc9df04 Fix #1809, use the proper method to fail 9 years ago
Emilien Macchi c289aa4cb9 system/puppet: allow to run puppet -e
-e or --execute [1] allows to execute a specific piece of Puppet code
such a class.

For example, in puppet you would run:
puppet apply -e 'include ::mymodule'

Will be in ansible:
puppet: execute='include ::mymodule'

[1] http://docs.puppetlabs.com/puppet/latest/reference/man/apply.html#OPTIONS
9 years ago
René Moser aeb82091a6 Merge pull request #1634 from EmilienM/puppet/certname
system/puppet: add --certname parameter
9 years ago
René Moser 074c179793 Merge pull request #1787 from dougluce/cronvar-root-cron
cronvar.py: support absolute destinations
9 years ago
Rene Moser cd3daf5763 iptables: add defaults to docs 9 years ago
René Moser f479db69a4 Merge pull request #1822 from Comcast/feature/iptables_dscp_update
add support for setting dscp marks with iptables module
9 years ago
René Moser 186a68a382 Merge pull request #1597 from yta/fix_check_mode_issue_in_osx_defaults
osx_defaults: Do not make any changes in check mode
9 years ago
Brian Coca df217fe892 added new puppet path to bin search
fixes #1835
9 years ago
David Hocky 404267b064 add version added to new params 9 years ago
David Hocky b89f0f44d0 fix doc issue 9 years ago
David Hocky c9e3c57ee9 add support for setting dscp marks with iptables module 9 years ago
Jonas Vermeulen b5d75234a3 Added resizing based on %values. Included support for VG|PVS|FREE 9 years ago
Jonathan Mainguy deb72106d2 fixes bug where puppet fails if logdest is not specified 9 years ago
Doug Luce 0298dac401 Use os module for checking absolute/joining paths 9 years ago
Doug Luce 84def4398f cronvar.py: support absolute destinations
Mainly so /etc/crontab can be written to.
9 years ago
Brian Coca 479f99678b Merge pull request #1719 from bborysenko/lvol-doc-fix
The size option is required for lvol module
9 years ago
Borys Borysenko a3641cac4e The size option is required for lvol module with state=present 9 years ago
Michael Scherer f63ef1fee8 Add documentation to explain that pvs will be created if needed
Fix #1720
9 years ago
Emilien Macchi 6193ed4b0d system/puppet: add --certname parameter
certname [1] can be a useful parameter when we need to specify a
certificate name different from the default value [2] in Puppet.

Ex: the hosts have different names, in advanced network isolation
setups.

Also, it can be used when we want to run Puppet with a specific node
definition and not using hostname or fqdn to match the nodes where we want to
run Puppet [3] (not recommended by Puppetlabs though).

[1] https://docs.puppetlabs.com/puppet/latest/reference/configuration.html#certname
[2] Defaults to the node’s fully qualified domain name
[3] http://docs.puppetlabs.com/puppet/latest/reference/lang_node_definitions.html#naming
9 years ago
Travis J Parker 1862a813db fixes documented command for svc sending SIGUSR1 9 years ago
Matt Martz f881eb10d9 Add actual version to version_added for svc module 9 years ago
Ton Kersten 362760413f Fix facter path 9 years ago
James Cammarata 816d3bff6f Adding version_added field to logdest field for puppet module 9 years ago