]> git.openstreetmap.org Git - chef.git/blobdiff - cookbooks/networking/attributes/default.rb
projects / chef.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Fix cookstyle warnings
[chef.git] / cookbooks / networking / attributes / default.rb
diff --git a/cookbooks/networking/attributes/default.rb b/cookbooks/networking/attributes/default.rb
index 9a03eb3fa6012edafe3cb392ac7922c82f2e4b9a..6881fcafeb1f1d226779d80b4d529ee30bb9d6c2 100644 (file)
--- a/cookbooks/networking/attributes/default.rb
+++ b/cookbooks/networking/attributes/default.rb
@@ -1,3 +1,20 @@
-default[:networking][:interfaces] = { }
-default[:networking][:nameservers] = [ ]
-default[:networking][:search] = [ ]
+wireguard_id = %x(systemd-id128 machine-id -a 3f36688c233848dfa84e4b176195622e)
+
+default[:networking][:firewall][:enabled] = true
+default[:networking][:firewall][:inet] = []
+default[:networking][:firewall][:inet6] = []
+default[:networking][:firewall][:http_rate_limit] = "-"
+default[:networking][:firewall][:http_connection_limit] = "-"
+default[:networking][:firewall][:log] = true
+default[:networking][:firewall][:mark] = true
+default[:networking][:firewall][:raw] = true
+default[:networking][:firewall][:mangle] = true
+default[:networking][:interfaces] = {}
+default[:networking][:nameservers] = []
+default[:networking][:search] = []
+default[:networking][:dnssec] = "allow-downgrade"
+default[:networking][:hostname] = node.name
+default[:networking][:wireguard][:enabled] = false
+default[:networking][:wireguard][:address] = "fd43:e709:ea6d:1:#{wireguard_id[0, 4]}:#{wireguard_id[4, 4]}:#{wireguard_id[8, 4]}:#{wireguard_id[12, 4]}"
+default[:networking][:wireguard][:keepalive] = false
+default[:networking][:wireguard][:peers] = []
Chef configuration management public repo for configuring & maintaining the OpenStreetMap servers.