
Initial import.

0 parents commit e6bad6d5507b8295332e671cb689e0e153714fac @carlo committed May 26, 2011
Showing with 62 additions and 0 deletions.
  1. +16 −0 README.mdown
  2. +2 −0 attributes/default.rb
  3. +22 −0 metadata.rb
  4. +6 −0 recipes/allow.rb
  5. +10 −0 recipes/default.rb
  6. +6 −0 recipes/deny.rb
16 README.mdown
@@ -0,0 +1,16 @@
+# chef-ufw
+
+Installs and enables Ubuntu's
+[Uncomplicated Firewall](https://help.ubuntu.com/community/UFW).
+
+## Attributes
+
+* `ufw/allow`: array containing 'allow' rules
+* `ufw/deny`: array containing 'deny' rules
+
+
+## Recipes
+
+* `ufw`: installs and enables UFW
+* `ufw::allow`: sets up 'allow' rules
+* `ufw::deny`: sets up 'deny' rules
2 attributes/default.rb
@@ -0,0 +1,2 @@
+default[:ufw][:allow] = [ "ssh", "http" ]
+default[:ufw][:deny] = []
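Review bot: The default on the first line, `default[:ufw][:allow] = [ "ssh", "http" ]`, opens HTTP on every node that applies the cookbook, including nodes that serve no web traffic. A baseline of `[ "ssh" ]`, with `http` added by the roles that need it, would keep the default closer to least privilege. The same list is repeated as `:default` in metadata.rb, so the two need to change together.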
22 metadata.rb
@@ -0,0 +1,22 @@
+maintainer "Carlo Zottmann"
+maintainer_email "carlo@zottmann.org"
+license "WTFPL"
+description "Installs UFW (Uncomplicated Firewall)"
+version "1.0"
+depends "aptitude"
+supports "ubuntu"
+
+recipe "ufw", "Installs and enables UFW"
+recipe "ufw::allow", "sets up 'allow' rules"
+recipe "ufw::deny", "sets up 'deny' rules"
+
+attribute "ufw/allow",
+ :display_name => "'allow' arguments",
+ :description => "An array containing 'allow' rules (<port>/<optional: protocol>)",
+ :default => [ "ssh", "http" ]
+
+attribute "ufw/deny",
+ :display_name => "'deny' arguments",
+ :description => "An array containing 'deny' rules (<port>/<optional: protocol>)",
+ :default => []
+
6 recipes/allow.rb
@@ -0,0 +1,6 @@
+node[:ufw][:deny].each do |allow|
+ execute "allow #{allow}" do
+ user "root"
+ command "ufw allow #{allow}"
+ end
+end
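Review bot: The loop header in recipes/allow.rb reads `node[:ufw][:deny].each do |allow|`, so the recipe runs `ufw allow` for every entry of the deny list and never applies `ufw/allow`. With the shipped defaults no `ssh` or `http` rule is created, and any port an operator lists under `ufw/deny` is opened instead; the first line should be `node[:ufw][:allow].each do |allow|`. In both this recipe and recipes/deny.rb the attribute value is interpolated straight into a shell command run as root, so entries should be checked against the expected `<port>/<protocol>` or service-name shape before use. Passing an argument array such as `command ["ufw", "allow", allow]` would avoid the shell, if the Chef version in use supports it. Neither execute has a guard, so every rule is re-applied on each converge.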
10 recipes/default.rb
@@ -0,0 +1,10 @@
+include_recipe "aptitude"
+
+package "ufw" do
+ action :upgrade
+end
+
+execute "enable UFW" do
+ user "root"
+ command "ufw enable"
+end
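Review bot: `execute "enable UFW"` turns the firewall on without any rule from `ufw::allow` having been applied, and this recipe does not include `ufw::allow` itself. A node that converges only `ufw` therefore ends up with whatever incoming policy UFW ships with and no SSH rule from this cookbook, which can cut off remote access if that policy is deny. Consider `include_recipe "ufw::allow"` ahead of the enable step, or state the required run-list order in the README. The execute also has no guard and reruns on every converge; a guard such as `not_if "ufw status | grep -q 'Status: active'"` would make it idempotent.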
6 recipes/deny.rb
@@ -0,0 +1,6 @@
+node[:ufw][:deny].each do |deny|
+ execute "deny #{deny}" do
+ user "root"
+ command "ufw deny #{deny}"
+ end
+end
