소스 검색

Merge pull request #9 from myii/ci/replace-eol-pre-salted-images

refactor(kitchen+inspec): move inline pillar to file
tags/v0.4.1
Imran Iqbal 5 년 전
부모
커밋
67eb6d0522
No account linked to committer's email address
2개의 변경된 파일35개의 추가작업 그리고 34개의 파일을 삭제
  1. +2
    -34
      kitchen.yml
  2. +33
    -0
      test/salt/pillar/default.sls

+ 2
- 34
kitchen.yml 파일 보기

@@ -123,40 +123,8 @@ provisioner:
base:
'*':
- ufw
ufw.sls:
ufw:
enabled: True
settings:
loglevel: 'low'
applications:
MySQL:
comment: Allow MySQL
Postgresql:
limit: True
comment: Limit Postgresql
SSH223:
deny: True
comment: Deny Webscale SSH
'*':
deny: True
from_addr: 10.0.0.0/8
services:
'*':
deny: True
from_addr:
- 10.0.0.1
- 10.0.0.2
'22':
protocol: tcp
limit: True
comment: Limit SSH
'80':
protocol: tcp
deny: True
comment: Deny HTTP
'443':
protocol: tcp
comment: Allow HTTPS
pillars_from_files:
ufw.sls: test/salt/pillar/default.sls

verifier:
# https://www.inspec.io/

+ 33
- 0
test/salt/pillar/default.sls 파일 보기

@@ -0,0 +1,33 @@
ufw:
enabled: True
settings:
loglevel: 'low'
applications:
MySQL:
comment: Allow MySQL
Postgresql:
limit: True
comment: Limit Postgresql
SSH223:
deny: True
comment: Deny Webscale SSH
'*':
deny: True
from_addr: 10.0.0.0/8
services:
'*':
deny: True
from_addr:
- 10.0.0.1
- 10.0.0.2
'22':
protocol: tcp
limit: True
comment: Limit SSH
'80':
protocol: tcp
deny: True
comment: Deny HTTP
'443':
protocol: tcp
comment: Allow HTTPS

Loading…
취소
저장