2019-09-22 |
Peter Palfrader | muninmaster -> hiera role, new ssh store/collect, no... |
tree | commitdiff |
2019-09-22 |
Peter Palfrader | retire old HOST_MAILRELAY ferm variable |
tree | commitdiff |
2019-09-22 |
Peter Palfrader | remove smtp_sources from ferm's me.conf, retire old... |
tree | commitdiff |
2019-09-21 |
Peter Palfrader | remove old-style ssh firewalling setup for mirrors... |
tree | commitdiff |
2019-09-21 |
Aurelien Jarno | Decommission rusca (RT#7949) |
tree | commitdiff |
2019-09-21 |
Peter Palfrader | retire old-style firewalling for mirrormaster sshing... |
tree | commitdiff |
2019-09-21 |
Julien Cristau | Revert "ferm: open ssh from mirror-master to ports... |
tree | commitdiff |
2019-09-21 |
Julien Cristau | ferm: open ssh from mirror-master to ports mirror |
tree | commitdiff |
2019-09-20 |
Peter Palfrader | Retire unused extranrpeclient role -- the mini-nag... |
tree | commitdiff |
2019-09-16 |
Aurelien Jarno | Update wuiet IP address |
tree | commitdiff |
2019-09-16 |
Aurelien Jarno | wannabuild has been moved from bmdb1 to danzi |
tree | commitdiff |
2019-09-16 |
Peter Palfrader | make dns primary export and keyring host collect firewa... |
tree | commitdiff |
2019-09-16 |
Peter Palfrader | If the name is too long for netfilter, hash it |
tree | commitdiff |
2019-09-16 |
Peter Palfrader | move 3rd party nameserver info from the ferm template... |
tree | commitdiff |
2019-09-16 |
Peter Palfrader | Try a new ferm rule class |
tree | commitdiff |
2019-09-16 |
Peter Palfrader | whitespace/quoting: modules/ferm/manifests/ (make lint... |
tree | commitdiff |
2019-09-15 |
Peter Palfrader | One of the last changes broke dbmaster role based ferm... |
tree | commitdiff |
2019-09-15 |
Peter Palfrader | do not use role-based ssh restrict |
tree | commitdiff |
2019-09-13 |
Peter Palfrader | Try to avoid reserved site keyword |
tree | commitdiff |
2019-09-11 |
Peter Palfrader | Retire unused ferm varible definitions for HOST_STATIC* |
tree | commitdiff |
2019-09-11 |
Peter Palfrader | ssh between static hosts should be handled by the ssh... |
tree | commitdiff |
2019-09-11 |
Peter Palfrader | restrict ssh to static-master-ubc-01 by default. we... |
tree | commitdiff |
2019-09-11 |
Peter Palfrader | restrict ssh to static-master-grnet-01 by default.... |
tree | commitdiff |
2019-09-10 |
Julien Cristau | ferm::ftp_conntrack: remove jessie support |
tree | commitdiff |
2019-09-07 |
Peter Palfrader | stop using virtual resources for ferm::rule |
tree | commitdiff |
2019-09-07 |
Peter Palfrader | ssh restrict dns geo and dns primary hosts |
tree | commitdiff |
2019-09-07 |
Peter Palfrader | no longer need to manually whitelist adayevskaya on... |
tree | commitdiff |
2019-09-07 |
Peter Palfrader | gitolite pushes puppetmaster |
tree | commitdiff |
2019-09-07 |
Peter Palfrader | make puppetmaster a role included via hiera |
tree | commitdiff |
2019-09-07 |
Peter Palfrader | Move adayevskaya from bm to manda |
tree | commitdiff |
2019-08-30 |
Peter Palfrader | remove olin from bmdb1 access |
tree | commitdiff |
2019-08-28 |
Aurelien Jarno | Fix CSAIL IPv6 subnet |
tree | commitdiff |
2019-08-28 |
Aurelien Jarno | ferm: drop FREEBSD_SSH_ACCESS |
tree | commitdiff |
2019-08-28 |
Aurelien Jarno | ferm: add syncproxy.na.debian.org IPv6 |
tree | commitdiff |
2019-08-22 |
Peter Palfrader | move syslog ferm into syslog role |
tree | commitdiff |
2019-07-07 |
Peter Palfrader | geo ferm |
tree | commitdiff |
2019-07-07 |
Peter Palfrader | geo ferm |
tree | commitdiff |
2019-07-07 |
Peter Palfrader | fw on kaufmann |
tree | commitdiff |
2019-07-07 |
Peter Palfrader | unify v4 and v6 rules in named::primary |
tree | commitdiff |
2019-06-09 |
Luca Filipozzi | allow ssh access to ubc-node-arm* from ubc-bulwark... |
tree | commitdiff |
2019-05-28 |
Peter Palfrader | snapshotdb-manda-01: allow pg access from lw |
tree | commitdiff |
2019-05-23 |
Peter Palfrader | Allow snapshotdb-manda-01 to access pg on sallinen |
tree | commitdiff |
2019-04-03 |
Aurelien Jarno | Allow access to dak@bmdb1 from ullmann |
tree | commitdiff |
2019-04-03 |
Aurelien Jarno | Allow access to wanna-build@bmdb1 from respighi |
tree | commitdiff |
2019-04-02 |
Aurelien Jarno | Allow access to ullmann from wuiet |
tree | commitdiff |
2019-03-17 |
Aurelien Jarno | Decommission lully.d.o |
tree | commitdiff |
2019-01-28 |
Julien Cristau | add loghost-osuosl-01 |
tree | commitdiff |
2019-01-02 |
Tollef Fog Heen | Open up some IPs for tfheen |
tree | commitdiff |
2018-12-17 |
Peter Palfrader | reload ferm on changes instead of restart |
tree | commitdiff |
2018-11-18 |
Peter Palfrader | Also restrict "ganeti/kvm host" purpose |
tree | commitdiff |
2018-11-13 |
Peter Palfrader | ferm cleanup: sallinen |
tree | commitdiff |
2018-11-13 |
Peter Palfrader | ferm cleanup: bmdb1:debsources, fix |
tree | commitdiff |
2018-11-13 |
Peter Palfrader | ferm cleanup: bmdb1:debsources |
tree | commitdiff |
2018-11-13 |
Peter Palfrader | ferm cleanup: bmdb1:dedup |
tree | commitdiff |
2018-11-13 |
Peter Palfrader | ferm cleanup: bmdb1:bacula |
tree | commitdiff |
2018-11-13 |
Peter Palfrader | ferm cleanup: bmdb1:wannabuild, remove duplicate allow... |
tree | commitdiff |
2018-11-13 |
Peter Palfrader | ferm cleanup: bmdb1:wannabuild |
tree | commitdiff |
2018-11-13 |
Peter Palfrader | ferm cleanup: bmdb1:dak, fix |
tree | commitdiff |
2018-11-13 |
Peter Palfrader | ferm cleanup: bmdb1:dak |
tree | commitdiff |
2018-11-13 |
Peter Palfrader | ferm cleanup: bmdb1:main, fix |
tree | commitdiff |
2018-11-13 |
Peter Palfrader | ferm cleanup: bmdb1:main |
tree | commitdiff |
2018-11-13 |
Peter Palfrader | ferm cleanup: fasolo postgres |
tree | commitdiff |
2018-11-13 |
Peter Palfrader | test avoiding hardcoding addresses |
tree | commitdiff |
2018-11-13 |
Peter Palfrader | no more varnish on sibelius |
tree | commitdiff |
2018-11-13 |
Peter Palfrader | bugs-search no longer runs on sonntag |
tree | commitdiff |
2018-11-01 |
Julien Cristau | Drop firewall rule for pg @ sibelius |
tree | commitdiff |
2018-10-31 |
Peter Palfrader | unique all ip addresses |
tree | commitdiff |
2018-10-31 |
Peter Palfrader | Try a unique around v4addrs |
tree | commitdiff |
2018-10-30 |
Peter Palfrader | Move logging and related/established out of ferm.conf... |
tree | commitdiff |
2018-10-30 |
Peter Palfrader | move munin rules from conf.d to the rules dir, 2 |
tree | commitdiff |
2018-10-30 |
Peter Palfrader | move munin rules from conf.d to the rules dir |
tree | commitdiff |
2018-10-30 |
Peter Palfrader | rename interfaces to 50-munin-interfaces |
tree | commitdiff |
2018-10-30 |
Peter Palfrader | merge munin_ip v4 and v6 into one rule |
tree | commitdiff |
2018-10-30 |
Peter Palfrader | change default ferm rule priority to 10 from 00 |
tree | commitdiff |
2018-10-23 |
Peter Palfrader | Add a second easydns ipv4 address |
tree | commitdiff |
2018-10-16 |
Peter Palfrader | try a HEREdoc as the syntax checker seems to have issue... |
tree | commitdiff |
2018-10-16 |
Peter Palfrader | allow respighi to access udd on ullmann |
tree | commitdiff |
2018-10-16 |
Peter Palfrader | merge ipv4 and ipv6 rule for ullmann's dsa-postgres... |
tree | commitdiff |
2018-10-16 |
Peter Palfrader | allow ssh from ftpmaster to debug_mirrors |
tree | commitdiff |
2018-10-16 |
Peter Palfrader | fix a prefix len in dsa-postgres-udd6 |
tree | commitdiff |
2018-10-10 |
Peter Palfrader | Start with removing some moszumanska entries (in partic... |
tree | commitdiff |
2018-08-07 |
Julien Cristau | Revert "allow access to pg on vittoria for dc18" |
tree | commitdiff |
2018-08-07 |
Julien Cristau | Revert "RT#7368: add additional IP" |
tree | commitdiff |
2018-07-31 |
Peter Palfrader | retire old cleanup job for ip6_ munin plugins |
tree | commitdiff |
2018-07-31 |
Peter Palfrader | Make sure nodeinfo['misc']['v[46]addrs'] always exists... |
tree | commitdiff |
2018-07-31 |
Peter Palfrader | ferm/munin: use already split v[46]addrs for munin... |
tree | commitdiff |
2018-07-29 |
Martin Zobel-Helas | RT#7368: add additional IP |
tree | commitdiff |
2018-07-27 |
Julien Cristau | allow access to pg on vittoria for dc18 |
tree | commitdiff |
2018-07-17 |
Julien Cristau | Remove wheezy-supporting cruft |
tree | commitdiff |
2018-06-18 |
Julien Cristau | Update my home ip ranges yet again |
tree | commitdiff |
2018-05-29 |
Peter Palfrader | sallinen: retire 443->5473 dnat |
tree | commitdiff |
2018-05-28 |
Peter Palfrader | pg firewalling |
tree | commitdiff |
2018-05-28 |
Peter Palfrader | add lw07 to snapshot_web group |
tree | commitdiff |
2018-05-06 |
Julien Cristau | New IP ranges for jcristau |
tree | commitdiff |
2018-03-11 |
Peter Palfrader | There is no ferm-restart Exec to notify |
tree | commitdiff |
2018-03-06 |
Peter Palfrader | ferm::conf - include ferm |
tree | commitdiff |
2018-03-06 |
Peter Palfrader | start ferm config with a 00-init and start SSH*SOURCES... |
tree | commitdiff |
2018-03-06 |
Peter Palfrader | ferm::conf - merge with tor version |
tree | commitdiff |
2018-02-08 |
Martin Zobel-Helas | remove sgran IP range. he can hop via master if needed |
tree | commitdiff |
2018-02-02 |
Tollef Fog Heen | No more conntrackd in bm, so drop firewall opening |
tree | commitdiff |
next |