fix: needed to add repos with helm

Merge branch 'main' of https://gitea.lyc-lecastel.fr/gadmin/gsb2023
modification
2023-04-03 11:08:53 +02:00 · 2023-04-03 11:05:13 +02:00 · 2023-04-03 11:04:13 +02:00 · 2023-04-03 11:00:19 +02:00 · 2023-04-03 10:47:41 +02:00 · 2023-03-30 11:21:59 +02:00
4 changed files with 5 additions and 60 deletions
--- a/r-vp2.yml
+++ b/r-vp2.yml
@ -18,7 +18,7 @@
 #   - firewall-vpn-l
   - wireguard-l
 #   - x509-l
-   - fw-ferm
+   - post
   - ssh-cli
   - syslog-cli
-   - post
+   - fw-ferm
--- a/roles/fw-ferm/files/ferm-vp1.conf
+++ b/roles/fw-ferm/files/ferm-vp1.conf
@ -1,47 +0,0 @@
 # -*- shell-script -*-
@def $DEV_VPN= wg0;
 table filter {
    chain INPUT {
        policy DROP;
        # connection tracking
        mod state state INVALID DROP;
        mod state state (ESTABLISHED RELATED) ACCEPT;
        # allow local connections
        interface lo ACCEPT;
        interface $DEV_VPN{
        # respond to ping
        proto icmp icmp-type echo-request ACCEPT;
        # disallow ssh
        saddr proto tcp dport ssh DROP;
        }
    }#FIN INPUT
    # outgoing connections are not limited
    chain OUTPUT {
        policy ACCEPT;
        interface $DEV_VPN{
        # allow ssh
        daddr proto tcp dport ssh ACCEPT;
        # respond to ping
        proto icmp icmp-type echo-request ACCEPT;
        }
     }#FIN OUTPUT
    chain FORWARD {
        policy ACCEPT;
        # connection tracking
        mod state state INVALID DROP;
        mod state state (ESTABLISHED RELATED) ACCEPT;
        # connections from the internal net to the internet or to other
        # internal nets are allowed
        interface $DEV_VPN ACCEPT;
        # the rest is dropped by the above policy
    }#FIN FO
 }
--- a/roles/fw-ferm/files/ferm.conf.r-vp1
+++ b/roles/fw-ferm/files/ferm.conf.r-vp1
@ -50,15 +50,7 @@ table filter {
    chain FORWARD {
        policy ACCEPT;
        interface $DEV_VPN{
            # respond to ping
        proto icmp icmp-type echo-request ACCEPT;
            # disallow ssh
            saddr($DEV_VPN) proto tcp dport ssh DROP;
            # allow ssh
            daddr($DEV_VPN) proto tcp dport ssh ACCEPT;
        }
        # connection tracking
        mod state state INVALID DROP;
--- a/roles/peertube/tasks/main.yml
+++ b/roles/peertube/tasks/main.yml
@ -20,11 +20,11 @@
  - name: copie de values.yaml...
    copy:
      src: /root/tools/ansible/gsb2023/roles/peertube/files/values.yaml
-      dest: /root/tools/peertube/Peertube-helm/helm/
+      dest: /root/tools/peertube/helm/
      mode: '0644'
  - name: installation de helm...
    shell: curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash
  - name: installation de peertube...
-    shell: helm build /root/tools/peertube/Peertube-helm/helm && helm install --create-namesapce -n peertube peertube-gsb
+    shell: helm repo add https://charts.bitnami.com/bitnami && helm repo add https://bokysan.github.io/docker-postfix && helm dependency build /root/tools/peertube/helm/ && helm install --create-namesapce -n peertube peertube-gsb /root/tools/peertube/helm
Author	SHA1	Message	Date
Elam Monnot	b36505bf78	fix: needed to add repos with helm	2023-04-03 11:08:53 +02:00
Johan Largy	2546430f94	Merge branch 'main' of https://gitea.lyc-lecastel.fr/gadmin/gsb2023	2023-04-03 11:05:13 +02:00
Johan Largy	0624f3da72	modification	2023-04-03 11:04:13 +02:00
Elam Monnot	40c8aeccd9	fix: changed paths in peertube role	2023-04-03 11:00:19 +02:00
Elam Monnot	5c21400e29	fix: wrong cp path in role	2023-04-03 10:47:41 +02:00
Elam Monnot	33a9c5e8f6	fix: try to solve an issue	2023-03-30 11:21:59 +02:00
Elam Monnot	6f25e4caa4	fix: wrong shell command	2023-03-30 11:14:41 +02:00