ansible-personal/roles/common
Alan Orth 38c333045b
roles/common: bring Ubuntu firewall changes to Debian 11
Note that there is currently an issue loading the spamhaus rules on
Debian 11 when using ipsets with firewalld and the nftables backend.
The bug is apparently caused by overlapping CIDR segments, and the
solution appears to be that we need to manually aggregate them with
a tool like aggregate6 (Python).

See: https://bugzilla.redhat.com/show_bug.cgi?id=1836571
See: https://wiki.fysik.dtu.dk/it/Linux_firewall_configuration#using-ipsets-in-firewalld-on-rhel-centos-8
See: https://github.com/job/aggregate6
2021-07-24 23:09:33 +03:00
..
defaults roles/common: Add support for fail2ban 2019-10-26 16:36:07 +02:00
files roles/common: Remove 00-persistent-journal.conf 2021-07-21 10:02:33 +03:00
handlers Remove support for Debian 9 and Ubuntu 16.04 2020-07-14 09:45:33 +03:00
tasks roles/common: bring Ubuntu firewall changes to Debian 11 2021-07-24 23:09:33 +03:00
templates roles/common: Add encryption settings to Debian 11 sshd_config 2021-07-24 22:28:59 +03:00