Proyecto

General

Perfil

« Anterior | Siguiente » 

Revisión 151

Añadido por Francisco Rodrigo hace alrededor de 14 años

Actualizada tarea squid-ltsp para que cargue las reglas de denegar https y corte las mismas en los servidores de aula

Ver diferencias:

tareas_puppet/servidores_aula/squid-ltsp/manifests/init.pp
command => "/bin/rm -f /etc/init.d/enable-proxy; /usr/sbin/update-rc.d -f enable-proxy remove; /usr/sbin/update-rc.d enable-local-proxy start 21 2 3 4 5 . stop 01 0 1 6;",
require => File["/etc/init.d/enable-local-proxy"],
unless => "/bin/ls /etc/rc2.d/S21enable-local-proxy",
refreshonly => true,
}
exec { "denegar-https":
command => "/usr/sbin/update-rc.d deny_https_iptables start 31 2 3 4 5 . stop 01 0 1 6;",
command => "/usr/sbin/update-rc.d -f deny_https_iptables remove;/usr/sbin/update-rc.d deny_https_iptables start 01 2 3 4 5 . stop 01 0 1 6;",
require => File["/etc/network/iptables"],
require => File["/etc/init.d/deny_https_iptables"],
unless => "/bin/ls /etc/rc2.d/S31deny_https_iptables",
refreshonly => true,
unless => "/bin/ls /etc/rc2.d/S01deny_https_iptables",
}
exec { "instalar-sarg-squid-apache2":
command => "/usr/bin/apt-get update; /usr/bin/dpkg --configure -a; /usr/bin/apt-get -yf --force-yes install squid sarg apache2",
unless => "/usr/bin/dpkg -l | egrep 'apache2 | squid | sarg'",
unless => "/usr/bin/test `/usr/bin/dpkg -l | egrep 'apache2 | squid | sarg' | grep ii | wc -l` -eq 3",
}
file {
......
"/etc/squid/acl/LEER":
owner=>root, group=>root, mode=>644,
source=>"puppet:///squid-ltsp/acl/LEER",
require => Exec["instalar-sarg-squid-apache2"],
notify => Exec["reiniciar-squid"];
"/etc/squid/acl/deny_https":
owner=>root, group=>root, mode=>644,
source=>"puppet:///squid-ltsp/acl/deny_https",
require => File["/etc/network/iptables"],
require => File["/etc/init.d/deny_https_iptables"],
}
file { "/etc/squid/proxys_intermedios.sh":

Exportar a: Unified diff