No description

Find a file

Hans Jerry Illikainen a0b8b85fa5 ufw: add support for interface_in and interface_out (#65382 ) * ufw: escalate privileges in integration tests A few of the integration tests for the UFW module forgot to `become`. This is problematic if the test suite is executed as a non-privileged user. This commit amends that by adding `become` when appropriate. * ufw: add unit tests for direction and interface Extend the unit tests for the UFW module to test the `direction` and `interface` parameters. This will help in the implementation of a fix for issue #63903. * ufw: add support for interface_in and interface_out The UFW module has support for specifying `direction` and `interface` for UFW rules. Rules with these parameters are built such that per-interface filtering only apply to a single direction based on the value of `direction`. Not being able to specify multiple interfaces complicates things for `routed` rules where one might want to apply filtering only for a specific combination of `in` and `out` interfaces. This commit introduces two new parameters to the UFW module: `interface_in` and `interface_out`. These rules are mutually exclusive with the old `direction` and `interface` parameter because of the ambiguity of having e.g.: direction: XXX interface: foo interface_XXX: bar Fixes #63903		2019-12-02 08:01:44 +01:00
.github	Remove kustodian from postgres and opennebula (#64647 )	2019-11-11 11:00:49 +05:30
bin	Move ansible-test entry point. (#60281 )	2019-08-08 09:18:31 -07:00
changelogs	ufw: add support for interface_in and interface_out (#65382 )	2019-12-02 08:01:44 +01:00
contrib	cloudstack: exoscale: fix boilerplate (#63532 )	2019-10-19 09:37:23 +02:00
docs	Update playbooks_filters.rst (#64769 )	2019-11-26 13:39:12 -05:00
examples	Fix typos in `ansible.cfg` comments	2019-11-23 22:15:25 +01:00
hacking	Add integration tests for aws lightsail (#63770 )	2019-11-21 16:53:36 -07:00
lib/ansible	ufw: add support for interface_in and interface_out (#65382 )	2019-12-02 08:01:44 +01:00
licenses	Bundle a copy of github.com/nir0s/distro/distro.py	2018-12-17 11:01:01 -08:00
packaging	debian: install lib in dist-packages (#64412 )	2019-11-05 10:45:05 -05:00
test	ufw: add support for interface_in and interface_out (#65382 )	2019-12-02 08:01:44 +01:00
.cherry_picker.toml
.gitattributes
.gitignore	Overhaul ansible-test test path handling. (#61416 )	2019-08-27 23:40:06 -07:00
.mailmap
CODING_GUIDELINES.md	Tidy up Contributors Docs (#47619 )	2018-10-28 17:11:40 -05:00
COPYING
Makefile	rpmfilename must be constructed using rpmmacros	2019-10-01 10:29:40 -07:00
MANIFEST.in	Remove obsolete MANIFEST.in entries.	2019-09-17 21:49:05 -07:00
MODULE_GUIDELINES.md	Tidy up Contributors Docs (#47619 )	2018-10-28 17:11:40 -05:00
README.rst	Add or later to the license expressed in the README	2019-11-26 08:33:41 -08:00
requirements.txt	Change default smart connection to ssh on macOS and remove paramiko from requirements.txt (#54738 )	2019-04-03 22:35:59 -04:00
setup.py	Declare support for Python 3.8 @ Trove classifiers	2019-10-28 10:06:03 -07:00
shippable.yml	Switch from RHEL 8.0 & 8.1b to 8.1 in CI.	2019-11-07 13:17:49 -08:00

README.rst

Ansible

Ansible is a radically simple IT automation system. It handles configuration management, application deployment, cloud provisioning, ad-hoc task execution, network automation, and multi-node orchestration. Ansible makes complex changes like zero-downtime rolling updates with load balancers easy. More information on the Ansible website.

Design Principles

Have a dead simple setup process and a minimal learning curve.
Manage machines very quickly and in parallel.
Avoid custom-agents and additional open ports, be agentless by leveraging the existing SSH daemon.
Describe infrastructure in a language that is both machine and human friendly.
Focus on security and easy auditability/review/rewriting of content.
Manage new remote machines instantly, without bootstrapping any software.
Allow module development in any dynamic language, not just Python.
Be usable as non-root.
Be the easiest IT automation system to use, ever.

Use Ansible

You can install a released version of Ansible via pip, a package manager, or our release repository. See our installation guide for details on installing Ansible on a variety of platforms.

Red Hat offers supported builds of Ansible Engine.

Power users and developers can run the devel branch, which has the latest features and fixes, directly. Although it is reasonably stable, you are more likely to encounter breaking changes when running the devel branch. We recommend getting involved in the Ansible community if you want to run the devel branch.

Get Involved

Read Community Information for all kinds of ways to contribute to and interact with the project, including mailing list information and how to submit bug reports and code to Ansible.
Join a Working Group, an organized community devoted to a specific technology domain or platform.
Submit a proposed code update through a pull request to the devel branch.
Talk to us before making larger changes to avoid duplicate efforts. This not only helps everyone know what is going on, it also helps save time and effort if we decide some changes are needed.
For a list of email lists, IRC channels and Working Groups, see the Communication page

Branch Info

The devel branch corresponds to the release actively under development.
The stable-2.X branches correspond to stable releases.
Create a branch based on devel and set up a dev environment if you want to open a PR.
See the Ansible release and maintenance page for information about active branches.

Roadmap

Based on team and community feedback, an initial roadmap will be published for a major or minor version (ex: 2.7, 2.8). The Ansible Roadmap page details what is planned and how to influence the roadmap.

Authors

Ansible was created by Michael DeHaan and has contributions from over 4700 users (and growing). Thanks everyone!

Ansible is sponsored by Red Hat, Inc.

License

GNU General Public License v3.0 or later

See COPYING to see the full text.