Initial Chef repository

2015-07-21 19:45:23 +02:00
parent 7e5401fc71
commit ee4079fa85
1151 changed files with 185163 additions and 0 deletions
--- a/cookbooks/firewall/attributes/default.rb
+++ b/cookbooks/firewall/attributes/default.rb
@@ -0,0 +1 @@
+default['firewall']['allow_ssh'] = false
--- a/cookbooks/firewall/attributes/ufw.rb
+++ b/cookbooks/firewall/attributes/ufw.rb
@@ -0,0 +1,12 @@
+default['firewall']['ufw']['defaults'] = {
+  :ipv6 => 'yes',
+  :manage_builtins => 'no',
+  :ipt_sysctl => '/etc/ufw/sysctl.conf',
+  :ipt_modules => 'nf_conntrack_ftp nf_nat_ftp nf_conntrack_netbios_ns',
+  :policy => {
+    :input => 'DROP',
+    :output => 'ACCEPT',
+    :forward => 'DROP',
+    :application => 'SKIP'
+  }
+}