Maciej Delmanowski
Maciej Delmanowski
Hmm, OK - it might be the same problem that with `debops.pki/env` because this specific task is nested, and not flattened. Try moving the variable the same way as with...
@antoineco So when you move the `custom_pki_realms` variable in the playbook it works? I guess that confirms the issue, these lists need to be flattened by templates in specific places.
@robertomatute Unfortunately, not. DebOps, and IIRC Ansible's `sysctl` module configure their parameters in `/etc/sysctl.d/` directory in separate files. Using `sysctl -p` loads just contents of the `/etc/sysctl.conf` file itself. As...
@robertomatute Unfortunately I think that there are no `procps` packages backported to Ubuntu Precise which contain `sysctl` with support for `--system` option. Perhaps you could try adding Ubuntu Trusty repositories,...
Good idea, probably adding `item.interface` option to `dport_accept` and other INPUT rules should be sufficient to make this possible. I plan to move them in the near future to the...
@StephanErb `debops.ferm` is currently being redesigned to use more subdirectories, documentation will probably be next on my plate, and it will be included on http://docs.debops.org/ site as well as in...
You can specify `OUTPUT` rules just like other firewall rules stored in `ferm__*_rules` variables. The default `OUTPUT` policy rule is [specified in the variables](https://github.com/debops/ansible-ferm/blob/master/defaults/main.yml#L179-L183), all you need to do in...
Let's put it this way - I'm not opposed to having multiple DNS servers in DebOps, I imagine that each one has its own pros and cons (for example `dnsmasq`...
What roles did you enable for that host? There were some issues with `debops.libvirtd` and `debops.docker` that prevented the host to be rebooted properly, basically `ferm` tried to start `libvirtd`...
The [`debops.ferm` task list](https://github.com/debops/debops/blob/master/ansible/roles/debops.ferm/tasks/main.yml) doesn't reload `systemd`. I'm not sure what could have caused `systemd` to reload its configuration at that time. Check the `/etc/ferm/` directory, are there any custom...