ansible-personal/roles/common/tasks
Alan Orth 38c333045b
roles/common: bring Ubuntu firewall changes to Debian 11
Note that there is currently an issue loading the spamhaus rules on
Debian 11 when using ipsets with firewalld and the nftables backend.
The bug is apparently caused by overlapping CIDR segments, and the
solution appears to be that we need to manually aggregate them with
a tool like aggregate6 (Python).

See: https://bugzilla.redhat.com/show_bug.cgi?id=1836571
See: https://wiki.fysik.dtu.dk/it/Linux_firewall_configuration#using-ipsets-in-firewalld-on-rhel-centos-8
See: https://github.com/job/aggregate6
2021-07-24 23:09:33 +03:00
..
cron-apt.yml Update with_items loops to use new-ish "loop" keyword 2018-04-02 15:52:51 +03:00
fail2ban.yml roles/common: Make sure fail2ban is started 2019-10-26 17:14:28 +02:00
firewall_Debian.yml roles/common: bring Ubuntu firewall changes to Debian 11 2021-07-24 23:09:33 +03:00
firewall_Ubuntu.yml roles/common: Add Spamhaus DROP lists to firewalld ipsets 2021-07-21 09:34:51 +03:00
main.yml roles/common: Update list of abusive IP addresses 2020-11-06 15:44:57 +02:00
ntp.yml Remove support for Debian 9 and Ubuntu 16.04 2020-07-14 09:45:33 +03:00
packages_Debian.yml roles/common: Don't configure apt sources on ARM 2021-07-24 22:32:20 +03:00
packages_Ubuntu.yml roles/common: Disable Canonical spam in MOTD 2020-06-25 21:12:00 +03:00
ssh-keys.yml roles/common: Add functionality to copy user keys to provisioning user 2014-10-11 12:13:45 +03:00
sshd.yml Update with_items loops to use new-ish "loop" keyword 2018-04-02 15:52:51 +03:00
tarsnap.yml roles/common: Update Tarsnap GPG key 2021-02-13 12:57:17 +02:00