privazio/ansible-collection-vdc
2
0
Fork 0
Code Issues 63 Pull requests Projects Releases Packages Wiki Activity Actions

Firewall for APT and Mirrors #122

New issue
Open
opened 2022-05-16 11:44:23 +00:00 by rafael · 2 comments
rafael commented 2022-05-16 11:44:23 +00:00 (Migrated from gitlab.privaz.io)
Copy link

Currently ACS is configured with a too thin grained firewall.

every single communication type has to be granted explicitly.

this is a problem in particular for package installation, as package managers rely on multiple mirrors that change often of have multiple IPs, etc.

A compromise would be to allow the APT user to use the internet on ports 80, 443

Currently ACS is configured with a too thin grained firewall. every single communication type has to be granted explicitly. this is a problem in particular for package installation, as package managers rely on multiple mirrors that change often of have multiple IPs, etc. A compromise would be to allow the APT user to use the internet on ports 80, 443
rafael commented 2022-05-16 11:57:12 +00:00 (Migrated from gitlab.privaz.io)
Copy link

mentioned in commit 088a755e04

mentioned in commit 088a755e047175c82c95db1112735a72b82acc9a
rafael commented 2022-05-17 11:23:38 +00:00 (Migrated from gitlab.privaz.io)
Copy link

A patch has been implemented in which processes by the _apt user are allowed to go out on ports 80,443 and the mirror subsystem is therefore left alone.

A patch has been implemented in which processes by the _apt user are allowed to go out on ports 80,443 and the mirror subsystem is therefore left alone.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
edge-v2
stable-v2
master
feature-edge-acs-1.15.1
fix-edge-88
edge-v1
feature-edge-77b
fix-edge-79
fix-ubuntu-edge-79
fix-ubuntu-edge-73
stable-v1
feature-acs-ubuntu-edge
fix-issue-48
v2.2.10
v2.2.9
v2.2.8
v2.2.7
v2.2.6
v2.2.5
v2.2.4
v2.2.3
v2.2.2
v2.2.1
v2.1.5
v2.1.4
v2.1.3
v2.1.2
v2.1.1
v2.0.28
v2.0.27
v2.0.26
v2.0.25
v2.0.24
v2.0.23
v2.0.22
v2.0.21
v2.0.20
v2.0.19
v2.0.18
v2.0.17
v2.0.16
v2.0.15
v2.0.14
v2.0.13
v2.0.12
v2.0.11
v2.0.10
v2.0.9
v2.0.8
v2.0.7
v2.0.6
v2.0.5
v2.0.4
v2.0.3
v2.0.2
v1.0.56
v2.0.1
v1.0.55
v1.0.54
v1.0.53
v1.0.52
v1.0.51
v1.0.50
v1.0.49
v1.0.48
v1.0.47
v1.0.46
v1.0.45
v1.0.44
v1.0.43
v1.0.42
v1.0.41
v1.0.40
v1.0.39
v1.0.38
v1.0.37
v1.0.36
v1.0.35
v1.0.34
v1.0.33
v1.0.32
v1.0.31
v1.0.30
v1.0.29
v1.0.28
v1.0.27
v1.0.26
v1.0.25
v1.0.24
v1.0.23
v1.0.22
v1.0.21
v1.0.20
v1.0.19
v1.0.18
v1.0.17
v1.0.16
v1.0.15
v1.0.14
v1.0.13
v1.0.12
v1.0.11
v1.0.10
v1.0.9
v1.0.8
v1.0.7
v1.0.6
v1.0.5
v1.0.4
v1.0.3
v1.0.2
v1.0.1
Labels
Clear labels   
ACS 4.15

   
Doing

   
Regression

   
To Do

   
critical

This issue implies blocking progress

  
enhancement

New feature

  
major

This issue implies a major release

  
minor

This issue implies a minor release

  
operations

   
patch

this issue implies a patch release

No labels
ACS 4.15
Doing
Regression
To Do
critical
enhancement
major
minor
operations
patch
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
privazio/ansible-collection-vdc#122
No description provided.