configure whitelisting for clients
This commit is contained in:
parent
3bcbc04bb4
commit
0d7536ed19
3 changed files with 23 additions and 0 deletions
|
@ -2,3 +2,6 @@
|
|||
apt_proxy_port: 3142
|
||||
apt_proxy_admin_user: admin
|
||||
apt_proxy_admin_mdp: "{{ vault_apt_proxy_admin_mdp }}"
|
||||
|
||||
apt_proxy_allowed_clients:
|
||||
- "{{ intranet['ipv4'] }}/{{ intranet['netmaskv4'] }}"
|
|
@ -28,6 +28,26 @@
|
|||
notify: Restart apt-cacher-ng
|
||||
no_log: true
|
||||
|
||||
- name: Edit the clients allowed to use the proxy
|
||||
lineinfile:
|
||||
path: /etc/hosts.allow
|
||||
regexp: '^apt-cacher-ng'
|
||||
line: "apt-cacher-ng: 127.0.0.1 {{ apt_proxy_allowed_clients | join(' ') }}"
|
||||
owner: root
|
||||
group: root
|
||||
mode: '644'
|
||||
notify: Restart apt-cacher-ng
|
||||
|
||||
- name: Block everyone else
|
||||
lineinfile:
|
||||
path: /etc/hosts.deny
|
||||
regexp: '^apt-cacher-ng'
|
||||
line: "apt-cacher-ng: ALL"
|
||||
owner: root
|
||||
group: root
|
||||
mode: '644'
|
||||
notify: Restart apt-cacher-ng
|
||||
|
||||
- name: Enable apt-cacher-ng
|
||||
systemd:
|
||||
name: "apt-cacher-ng"
|
||||
|
|
Loading…
Reference in a new issue