cybercinch/ansible-role-csf
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity
7 Commits 1 Branch 1 Tag
main
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Aaron Guise 021fa1999a
All checks were successful
CI / lint (push) Successful in 14s
Details
CI / release (push) Successful in 36s
Details
CI / notify (push) Successful in 8s
Details
fix(ci): Applied yammlint fixes 🚨
2024-08-20 11:50:49 +12:00
.github/workflows
fix(ci): Applied yammlint fixes 🚨
2024-08-20 11:50:49 +12:00
defaults
fix(ci): Applied yammlint fixes 🚨
2024-08-20 11:50:49 +12:00
handlers
feat: Initial Project 🎉
2024-08-20 11:11:35 +12:00
meta
fix(ci): Applied yammlint fixes 🚨
2024-08-20 11:50:49 +12:00
tasks
fix: Apply linter fixes 🚨
2024-08-20 11:32:48 +12:00
templates
feat: Initial Project 🎉
2024-08-20 11:11:35 +12:00
vars
feat: Initial Project 🎉
2024-08-20 11:11:35 +12:00
.ansible-lint
fix(ci): Add ansible Lint Config 💚
2024-08-20 11:18:45 +12:00
.yamllint
fix(ci): Applied yammlint fixes 🚨
2024-08-20 11:50:49 +12:00
LICENSE
feat: Initial Project 🎉
2024-08-20 11:11:35 +12:00
README.md
feat: Initial Project 🎉
2024-08-20 11:11:35 +12:00
requirements.txt
fix(ci): Forgot to add requirements 💚
2024-08-20 11:16:27 +12:00

README.md

Ansible Galaxy Build Status

Ansible Role: CSF/LFD

Install and configure CSF/LFD

Requirements

CSF/LFD is a set of perl scripts, thus perl interpreter is required. Many popular distros comes with perl installed by default, nevertheless, this role will install perl if it is missing.

Full list of required packages (will be installed by this role) defined in csf_required_packages and csf_required_packages_dist variables.

Role Variables

Available variables with their default values can be found in defaults/main.yml.

Dependencies

None.

Example Playbook

- hosts: servers
  become: yes
  roles:
    - { role: likg.csf }
  vars_files:
    - path_to_vars.yml

File path_to_vars.yml:

csf_global_ini:
  - option: RESTRICT_SYSLOG
    value: "2"
  - option: URLGET
    value: "2"
  - option: TCP_IN
    value: "80,443,{{ hostvars[inventory_hostname]['ansible_port'] | default('22') }},30000:65535"
  - option: TCP_OUT
    value: "20,21,22,25,37,43,53,80,123,443,873,953,8080,9418,{{ hostvars[inventory_hostname]['ansible_port'] | default('22') }},30000:65535"
  - option: UDP_IN
    value: "53"
  - option: UDP_OUT
    value: "20,21,43,53,113,123,58745,30000:65535"

csf_allow:
  - 10.10.10.10
  - 172.16.1.1/29

csf_ignore:
  - 10.10.10.10
  - 172.16.1.1/29

csf_pignore:
  - 'exe:/usr/sbin/nginx'
  - 'user:mysql'

csf_fignore:
  - '/tmp/\.horde'
  - '/tmp/\.horde/.*'

csf_blocklists:
  - "SPAMDROP"

csf_csfpre_sh: |
  #!/bin/bash
  /sbin/iptables -t nat -F POSTROUTING

License

MIT

Author Information

This role was created by Lik. Extended by Cybercinch Team

Reference in New Issue View Git Blame Copy Permalink
Description
No description provided
Readme 45 KiB
Releases 1
v1.0.0 Latest
2024-08-20 11:51:41 +12:00
Languages
Jinja 100%