fail2ban: actually ship the dsa-exim-strict set up
[mirror/dsa-puppet.git] / modules / ferm /
2019-09-28 Peter Palfradermigrate away from old postgres_backup_server role
2019-09-28 Peter Palfraderswitch sallinen to modern pg backup config fu
2019-09-28 Peter Palfraderswitch bmdb1 to modern pg backup config fu
2019-09-28 Peter Palfraderswitch seger to modern pg backup config fu
2019-09-28 Peter Palfraderremove explicit ferm allow from the pgbackup hosts...
2019-09-28 Aurelien JarnoDrop the dedup cluster at bytemark
2019-09-28 Aurelien JarnoDrop HOST_PGBACKUPHOST_V4 and HOST_PGBACKUPHOST_V6
2019-09-28 Aurelien Jarnoferm@serger: merge dsa-postgres-backup and dsa-postgres...
2019-09-28 Aurelien JarnoDrop HOST_DEBIAN_V4 and HOST_DEBIAN_V6
2019-09-27 Aurelien Jarnoferm: do not open PG to backup hosts for clusters defin...
2019-09-27 Aurelien Jarnopg@danzi: use a list of hosts instead of whitelisting...
2019-09-25 Peter PalfraderDocument ferm::rule::simple
2019-09-24 Julien Cristauticharich no longer needs access to bmdb1
2019-09-24 Julien Cristauparadis at ubc
2019-09-23 Julien Cristaubacula cluster moved to postgresql-manda-01
2019-09-22 Aurelien Jarnodanzi: merge dsa-postgres2-danzi and dsa-postgres2...
2019-09-22 Aurelien Jarnodanzi: merge dsa-postgres-danzi and dsa-postgres-danzi6
2019-09-22 Aurelien JarnoAllow access to the tracker db @ danzi from ticharich
2019-09-22 Peter Palfradernagiosmaster -> hiera role; bind acls still not converted
2019-09-22 Peter Palfradermerge SSH_SOURCES and SSH_V6_SOURCES
2019-09-22 Peter PalfraderRemove empty ferm::zivit
2019-09-22 Peter Palfraderiptables -vnL on zelenka suggests that zivit no longer...
2019-09-22 Peter PalfraderApparently we no longer monitor the time service on...
2019-09-22 Peter Palfradermuninmaster -> hiera role, new ssh store/collect, no...
2019-09-22 Peter Palfraderretire old HOST_MAILRELAY ferm variable
2019-09-22 Peter Palfraderremove smtp_sources from ferm's me.conf, retire old...
2019-09-21 Peter Palfraderremove old-style ssh firewalling setup for mirrors...
2019-09-21 Aurelien JarnoDecommission rusca (RT#7949)
2019-09-21 Peter Palfraderretire old-style firewalling for mirrormaster sshing...
2019-09-21 Julien CristauRevert "ferm: open ssh from mirror-master to ports...
2019-09-21 Julien Cristauferm: open ssh from mirror-master to ports mirror
2019-09-20 Peter PalfraderRetire unused extranrpeclient role -- the mini-nag...
2019-09-16 Aurelien JarnoUpdate wuiet IP address
2019-09-16 Aurelien Jarnowannabuild has been moved from bmdb1 to danzi
2019-09-16 Peter Palfradermake dns primary export and keyring host collect firewa...
2019-09-16 Peter PalfraderIf the name is too long for netfilter, hash it
2019-09-16 Peter Palfradermove 3rd party nameserver info from the ferm template...
2019-09-16 Peter PalfraderTry a new ferm rule class
2019-09-16 Peter Palfraderwhitespace/quoting: modules/ferm/manifests/ (make lint...
2019-09-15 Peter PalfraderOne of the last changes broke dbmaster role based ferm...
2019-09-15 Peter Palfraderdo not use role-based ssh restrict
2019-09-13 Peter PalfraderTry to avoid reserved site keyword
2019-09-11 Peter PalfraderRetire unused ferm varible definitions for HOST_STATIC*
2019-09-11 Peter Palfraderssh between static hosts should be handled by the ssh...
2019-09-11 Peter Palfraderrestrict ssh to static-master-ubc-01 by default. we...
2019-09-11 Peter Palfraderrestrict ssh to static-master-grnet-01 by default....
2019-09-10 Julien Cristauferm::ftp_conntrack: remove jessie support
2019-09-07 Peter Palfraderstop using virtual resources for ferm::rule
2019-09-07 Peter Palfraderssh restrict dns geo and dns primary hosts
2019-09-07 Peter Palfraderno longer need to manually whitelist adayevskaya on...
2019-09-07 Peter Palfradergitolite pushes puppetmaster
2019-09-07 Peter Palfradermake puppetmaster a role included via hiera
2019-09-07 Peter PalfraderMove adayevskaya from bm to manda
2019-08-30 Peter Palfraderremove olin from bmdb1 access
2019-08-28 Aurelien JarnoFix CSAIL IPv6 subnet
2019-08-28 Aurelien Jarnoferm: drop FREEBSD_SSH_ACCESS
2019-08-28 Aurelien Jarnoferm: add syncproxy.na.debian.org IPv6
2019-08-22 Peter Palfradermove syslog ferm into syslog role
2019-07-07 Peter Palfradergeo ferm
2019-07-07 Peter Palfradergeo ferm
2019-07-07 Peter Palfraderfw on kaufmann
2019-07-07 Peter Palfraderunify v4 and v6 rules in named::primary
2019-06-09 Luca Filipozziallow ssh access to ubc-node-arm* from ubc-bulwark...
2019-05-28 Peter Palfradersnapshotdb-manda-01: allow pg access from lw
2019-05-23 Peter PalfraderAllow snapshotdb-manda-01 to access pg on sallinen
2019-04-03 Aurelien JarnoAllow access to dak@bmdb1 from ullmann
2019-04-03 Aurelien JarnoAllow access to wanna-build@bmdb1 from respighi
2019-04-02 Aurelien JarnoAllow access to ullmann from wuiet
2019-03-17 Aurelien JarnoDecommission lully.d.o
2019-01-28 Julien Cristauadd loghost-osuosl-01
2019-01-02 Tollef Fog HeenOpen up some IPs for tfheen
2018-12-17 Peter Palfraderreload ferm on changes instead of restart
2018-11-18 Peter PalfraderAlso restrict "ganeti/kvm host" purpose
2018-11-13 Peter Palfraderferm cleanup: sallinen
2018-11-13 Peter Palfraderferm cleanup: bmdb1:debsources, fix
2018-11-13 Peter Palfraderferm cleanup: bmdb1:debsources
2018-11-13 Peter Palfraderferm cleanup: bmdb1:dedup
2018-11-13 Peter Palfraderferm cleanup: bmdb1:bacula
2018-11-13 Peter Palfraderferm cleanup: bmdb1:wannabuild, remove duplicate allow...
2018-11-13 Peter Palfraderferm cleanup: bmdb1:wannabuild
2018-11-13 Peter Palfraderferm cleanup: bmdb1:dak, fix
2018-11-13 Peter Palfraderferm cleanup: bmdb1:dak
2018-11-13 Peter Palfraderferm cleanup: bmdb1:main, fix
2018-11-13 Peter Palfraderferm cleanup: bmdb1:main
2018-11-13 Peter Palfraderferm cleanup: fasolo postgres
2018-11-13 Peter Palfradertest avoiding hardcoding addresses
2018-11-13 Peter Palfraderno more varnish on sibelius
2018-11-13 Peter Palfraderbugs-search no longer runs on sonntag
2018-11-01 Julien CristauDrop firewall rule for pg @ sibelius
2018-10-31 Peter Palfraderunique all ip addresses
2018-10-31 Peter PalfraderTry a unique around v4addrs
2018-10-30 Peter PalfraderMove logging and related/established out of ferm.conf...
2018-10-30 Peter Palfradermove munin rules from conf.d to the rules dir, 2
2018-10-30 Peter Palfradermove munin rules from conf.d to the rules dir
2018-10-30 Peter Palfraderrename interfaces to 50-munin-interfaces
2018-10-30 Peter Palfradermerge munin_ip v4 and v6 into one rule
2018-10-30 Peter Palfraderchange default ferm rule priority to 10 from 00
2018-10-23 Peter PalfraderAdd a second easydns ipv4 address
2018-10-16 Peter Palfradertry a HEREdoc as the syntax checker seems to have issue...
2018-10-16 Peter Palfraderallow respighi to access udd on ullmann
next