Ajout : vm_hosted : rule_shorewall_configure .
[lhc/ateliers.git] / vm_hosted
index b129993..a502f9d 100755 (executable)
--- a/vm_hosted
+++ b/vm_hosted
@@ -1437,6 +1437,47 @@ rule_runit_sv_restart () { # SYNTAX: $sv
                 esac
         done
  }
+rule_shorewall_configure () {
+       # DOC: http://shorewall.net/Introduction.html
+       local -; set +f
+       rule apt_get_install shorewall
+       sudo install -m 644 -o root -g root /dev/stdin \
+        /etc/default/shorewall <<-EOF
+               INITLOG=/dev/null
+               OPTIONS=""
+               RESTARTOPTIONS=""
+               SAFESTOP=0
+               STARTOPTIONS=""
+               startup=1
+               EOF
+       local conf
+       for conf in "$tool"/etc/shorewall/*
+        do conf=${conf#"$tool"/etc/shorewall/}
+               sudo test ! -f "$tool"/etc/shorewall/"$conf" ||
+               sudo install -m 640 -o root -g root \
+                "$tool"/etc/shorewall/"$conf" \
+                       /etc/shorewall/"$conf"
+        done
+       sudo install -d -m 750 -o root -g root \
+        /etc/shorewall/macro.d
+       for conf in "$tool"/etc/shorewall/macro.d/*
+        do conf=${conf#"$tool"/etc/shorewall/macro.d/}
+               sudo test ! -f "$tool"/etc/shorewall/macro.d/"$conf" ||
+               sudo install -m 640 -o root -g root \
+                "$tool"/etc/shorewall/macro.d/"$conf" \
+                       /etc/shorewall/macro.d/"$conf"
+        done
+       sudo install -d -m 750 -o root -g root \
+        /etc/shorewall/action.d
+       #for conf in "$tool"/etc/shorewall/action.d/*
+       # do conf=${conf#"$tool"/etc/shorewall/action.d/}
+       #       sudo test ! -f "$tool"/etc/shorewall/action.d/"$conf" ||
+       #       sudo install -m 640 -o root -g root \
+       #        "$tool"/etc/shorewall/action.d/"$conf" \
+       #               /etc/shorewall/action.d/"$conf"
+       # done
+       #sudo shorewall safe-restart
+ }
 rule_ssh_configure () {
        rule apt_get_install openssh-server
        rule insserv_remove ssh
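Review bot: rule_shorewall_configure copies the ruleset into /etc/shorewall and sets `startup=1`, but nothing validates or applies it: there is no `shorewall check`, and `sudo shorewall safe-restart` is commented out at the end of the function. A syntax error in any copied file would therefore presumably first surface when the service is next started, with `INITLOG=/dev/null` discarding the init output. I would end the function with `sudo shorewall check` so that a broken configuration fails the rule at deploy time, and add a one-line comment stating why the restart is left out. The two copy loops only add or overwrite files, so a file deleted from `"$tool"/etc/shorewall` stays in /etc/shorewall and may still be read by the firewall; a comment or a cleanup step would cover that. The commented-out action.d loop also needs a line saying whether it is pending or deliberately disabled.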
@@ -1470,6 +1511,7 @@ rule_ssh_configure () {
                ListenAddress $vm_ipv4
                LogLevel INFO
                LoginGraceTime 120
+               MaxAuthTries 1
                PasswordAuthentication no
                PermitEmptyPasswords no
                PermitRootLogin yes
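Review bot: `MaxAuthTries 1` drops the connection after a single failed authentication attempt, and with `PasswordAuthentication no` just below it, each public key the client offers counts as an attempt. A client whose agent holds several keys will likely be disconnected before the right key is tried. With `PermitRootLogin yes` in the same block this looks like the administrative login path, so the setting is a lock-out risk as well as a brute-force limit. Either document the client-side requirement next to the setting, e.g. `# MaxAuthTries 1: clients need IdentitiesOnly=yes and an explicit IdentityFile`, or use a small value such as `MaxAuthTries 3`. The sshd_config heredoc starts and ends outside this hunk.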