openstack
/
puppet-tripleo
Code Issues Proposed changes
RETIRED, Lightweight composition layer for Puppet TripleO
1,038 Commits 3 Branches 39 Tags 63 MiB
Go to file
Oliver Walsh fd20b306b0 Restrict nova migration ssh tunnel 
This change enhances the security of the migration ssh tunnel:
- The ssh authorized_keys file is only writeable by root.
- Creates a new user for migration instead of using root/nova.
- Disables SSH forwarding for this user.
- Optionally restricts the networks that this user can connect from.
- Uses an ssh wrapper command to whitelist the commands that this user can run
  over ssh.

Requires the openstack-nova-migration package from
https://review.rdoproject.org/r/6327

bp tripleo-cold-migration

Change-Id: Idb56acd1e1ecb5a5fd4d942969be428cc9cbe293
(cherry picked from commit f8ca94a5b7)
 		2017-06-01 18:33:46 +00:00
lib Throw warnings for norpm actions 2017-03-09 00:37:44 +00:00
manifests Restrict nova migration ssh tunnel 2017-06-01 18:33:46 +00:00
releasenotes Restrict nova migration ssh tunnel 2017-06-01 18:33:46 +00:00
spec Restrict nova migration ssh tunnel 2017-06-01 18:33:46 +00:00
templates Enable languages in UI config 2017-02-18 15:19:32 +00:00
.gitignore Update gitignore not to exclude fixture hieradata 2017-05-19 14:05:18 -04:00
.gitreview Update .gitreview for stable/ocata 2017-02-16 12:59:09 +00:00
.sync.yml Initial msync run for all Puppet OpenStack modules 2015-08-18 14:30:54 +02:00
Gemfile Update Gemfile to pull spec_helper from stable/ocata 2017-04-24 11:46:22 -04:00
LICENSE Add basic structure for a Puppet module 2015-02-02 11:39:21 -05:00
Puppetfile_extras SSHD Service extensions 2017-04-21 14:06:12 +01:00
README.md Show team and repo badges on README 2016-11-25 17:16:13 +01:00
Rakefile Composable HA 2017-01-25 19:32:31 +00:00
bindep.txt Add bindep support 2017-03-13 21:56:19 +00:00
metadata.json Prepare 6.4.0 release (ocata) 2017-04-27 10:39:16 -04:00
setup.cfg Add basic structure for ReNo 2016-12-03 13:16:33 +00:00
setup.py Add basic structure for ReNo 2016-12-03 13:16:33 +00:00
test-requirements.txt Add basic structure for ReNo 2016-12-03 13:16:33 +00:00
tox.ini Add basic structure for ReNo 2016-12-03 13:16:33 +00:00

README.md

Team and repository tags

Team and repository tags

puppet-tripleo

Lightweight composition layer for Puppet TripleO.