salt
/
ufw-formula
forked from ExternalMirrors/ufw-formula
Watch 2
Star 0
Fork 0
Code Releases 8 Activity
Saltstack Official UFW Formula
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
43 Commits
1 Branch
Tree: f27ec2e262
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'f27ec2e262'
${ noResults }
ufw-formula/kitchen.yml

153 lines
4.0KB
Raw Blame History 

  1. # -*- coding: utf-8 -*-

  2. # vim: ft=yaml

  3. ---

  4. # For help on this file's format, see https://kitchen.ci/

  5. driver:

  6.   name: docker

  7.   use_sudo: false

  8.   privileged: true

  9.   run_command: /lib/systemd/systemd

  10. 

  11. # Make sure the platforms listed below match up with

  12. # the `env.matrix` instances defined in `.travis.yml`

  13. platforms:

  14.   ## SALT 2019.2

  15.   - name: debian-9-2019-2-py3

  16.     driver:

  17.       image: netmanagers/salt-2019.2-py3:debian-9

  18.       provision_command:

  19.         - apt-get update && apt-get install -y locales

  20.         - echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen

  21.         - locale-gen en_US.UTF-8

  22.   - name: ubuntu-1804-2019-2-py3

  23.     driver:

  24.       image: netmanagers/salt-2019.2-py3:ubuntu-18.04

  25.   - name: centos-7-2019-2-py3

  26.     driver:

  27.       image: netmanagers/salt-2019.2-py3:centos-7

  28.   - name: fedora-29-2019-2-py3

  29.     driver:

  30.       image: netmanagers/salt-2019.2-py3:fedora-29

  31.   - name: opensuse-leap-15-2019-2-py3

  32.     driver:

  33.       image: netmanagers/salt-2019.2-py3:opensuse-leap-15

  34.       run_command: /usr/lib/systemd/systemd

  35. 

  36.   ## SALT 2018.3

  37.   - name: debian-9-2018-3-py2

  38.     driver:

  39.       image: netmanagers/salt-2018.3-py2:debian-9

  40.       provision_command:

  41.         - apt-get update && apt-get install -y locales

  42.         - echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen

  43.         - locale-gen en_US.UTF-8

  44.   - name: ubuntu-1604-2018-3-py2

  45.     driver:

  46.       image: netmanagers/salt-2018.3-py2:ubuntu-16.04

  47.   - name: centos-7-2018-3-py2

  48.     driver:

  49.       image: netmanagers/salt-2018.3-py2:centos-7

  50.   - name: fedora-29-2018-3-py2

  51.     driver:

  52.       image: netmanagers/salt-2018.3-py2:fedora-29

  53.   # TODO: Use this when fixed instead of `opensuse-leap-42`

  54.   # Ref: https://github.com/netmanagers/salt-image-builder/issues/2

  55.   # - name: opensuse-leap-15-2018-3-py2

  56.   #   driver:

  57.   #     image: netmanagers/salt-2018.3-py2:opensuse-leap-15

  58.   #     run_command: /usr/lib/systemd/systemd

  59.   - name: opensuse-leap-42-2018-3-py2

  60.     driver:

  61.       image: netmanagers/salt-2018.3-py2:opensuse-leap-42

  62.       run_command: /usr/lib/systemd/systemd

  63. 

  64.   ## SALT 2017.7

  65.   - name: debian-8-2017-7-py2

  66.     driver:

  67.       image: netmanagers/salt-2017.7-py2:debian-8

  68.       provision_command:

  69.         - apt-get update && apt-get install -y locales

  70.         - echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen

  71.         - locale-gen en_US.UTF-8

  72.   - name: ubuntu-1604-2017-7-py2

  73.     driver:

  74.       image: netmanagers/salt-2017.7-py2:ubuntu-16.04

  75.   - name: centos-6-2017-7-py2

  76.     driver:

  77.       image: netmanagers/salt-2017.7-py2:centos-6

  78.       run_command: /sbin/init

  79.       run_options: -v /lib/modules:/lib/modules:ro

  80.   - name: fedora-28-2017-7-py2

  81.     driver:

  82.       image: netmanagers/salt-2017.7-py2:fedora-28

  83.   - name: opensuse-leap-42-2017-7-py2

  84.     driver:

  85.       image: netmanagers/salt-2017.7-py2:opensuse-leap-42

  86.       run_command: /usr/lib/systemd/systemd

  87. 

  88. provisioner:

  89.   name: salt_solo

  90.   log_level: info

  91.   salt_install: none

  92.   require_chef: false

  93.   formula: ufw

  94.   salt_copy_filter:

  95.     - .kitchen

  96.     - .git

  97.   state_top:

  98.     base:

  99.       '*':

  100.         - ufw

  101.   pillars:

  102.     top.sls:

  103.       base:

  104.         '*':

  105.           - ufw

  106.     ufw.sls:

  107.       ufw:

  108.         enabled: True

  109.         settings:

  110.           loglevel: 'low'

  111.         applications:

  112.           MySQL:

  113.             comment: Allow MySQL

  114.           Postgresql:

  115.             limit: True

  116.             comment: Limit Postgresql

  117.           SSH223:

  118.             deny: True

  119.             comment: Deny Webscale SSH

  120.           '*':

  121.             deny: True

  122.             from_addr: 10.0.0.0/8

  123.         services:

  124.           '*':

  125.             deny: True

  126.             from_addr:

  127.               - 10.0.0.1

  128.               - 10.0.0.2

  129.           '22':

  130.             protocol: tcp

  131.             limit: True

  132.             comment: Limit SSH

  133.           '80':

  134.             protocol: tcp

  135.             deny: True

  136.             comment: Deny HTTP

  137.           '443':

  138.             protocol: tcp

  139.             comment: Allow HTTPS

  140. 

  141. verifier:

  142.   # https://www.inspec.io/

  143.   name: inspec

  144.   sudo: true

  145.   # cli, documentation, html, progress, json, json-min, json-rspec, junit

  146.   reporter:

  147.     - cli

  148.   inspec_tests:

  149.     - path: test/integration/default

  150. 

  151. suites:

  152.   - name: default