X-Git-Url: https://git.cyclocoop.org/?p=lhc%2Fateliers.git;a=blobdiff_plain;f=vm_hosted;fp=vm_hosted;h=a502f9dbb8005e47af836542ad54f3abbbbc1f1e;hp=b1299938e768bb69cfe65a4d20453b3d419fb739;hb=e3ac8939191e19965d4645676f38ef011fc9874f;hpb=eaef4f8f178a8a7c6b6984dc9b40d29becbd996a diff --git a/vm_hosted b/vm_hosted index b129993..a502f9d 100755 --- a/vm_hosted +++ b/vm_hosted @@ -1437,6 +1437,47 @@ rule_runit_sv_restart () { # SYNTAX: $sv esac done } +rule_shorewall_configure () { + # DOC: http://shorewall.net/Introduction.html + local -; set +f + rule apt_get_install shorewall + sudo install -m 644 -o root -g root /dev/stdin \ + /etc/default/shorewall <<-EOF + INITLOG=/dev/null + OPTIONS="" + RESTARTOPTIONS="" + SAFESTOP=0 + STARTOPTIONS="" + startup=1 + EOF + local conf + for conf in "$tool"/etc/shorewall/* + do conf=${conf#"$tool"/etc/shorewall/} + sudo test ! -f "$tool"/etc/shorewall/"$conf" || + sudo install -m 640 -o root -g root \ + "$tool"/etc/shorewall/"$conf" \ + /etc/shorewall/"$conf" + done + sudo install -d -m 750 -o root -g root \ + /etc/shorewall/macro.d + for conf in "$tool"/etc/shorewall/macro.d/* + do conf=${conf#"$tool"/etc/shorewall/macro.d/} + sudo test ! -f "$tool"/etc/shorewall/macro.d/"$conf" || + sudo install -m 640 -o root -g root \ + "$tool"/etc/shorewall/macro.d/"$conf" \ + /etc/shorewall/macro.d/"$conf" + done + sudo install -d -m 750 -o root -g root \ + /etc/shorewall/action.d + #for conf in "$tool"/etc/shorewall/action.d/* + # do conf=${conf#"$tool"/etc/shorewall/action.d/} + # sudo test ! -f "$tool"/etc/shorewall/action.d/"$conf" || + # sudo install -m 640 -o root -g root \ + # "$tool"/etc/shorewall/action.d/"$conf" \ + # /etc/shorewall/action.d/"$conf" + # done + #sudo shorewall safe-restart + } rule_ssh_configure () { rule apt_get_install openssh-server rule insserv_remove ssh @@ -1470,6 +1511,7 @@ rule_ssh_configure () { ListenAddress $vm_ipv4 LogLevel INFO LoginGraceTime 120 + MaxAuthTries 1 PasswordAuthentication no PermitEmptyPasswords no PermitRootLogin yes