rubber 2.7.1 → 2.7.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 7cbda283edc16bbe012a0ce56c5e92c20a8d8c21
-  data.tar.gz: 583d7334e295243b76624c609922856090bfb9c8
+  metadata.gz: 6940ea5e0cb81d87cfaa82db6de3ee16f6d5d168
+  data.tar.gz: b1b6733ea20d6cf90fc1ca8fecb4387116f7ea29
 SHA512:
-  metadata.gz: 419841ea7f76f82175116bd718e7a043d4a060e55b984ee4e3f43c37cee5cbe090f976a3db61b7659f6f6886a69a7bb7c1ab61685f5a009561d5e20abc986b12
-  data.tar.gz: f4e86f0a43720d2b796c567f5fbbd477bf21001651c8551c078490941ea16eb51fd10643facbc5a266edf6186401d7c5b73478bc699fc016416c8a4e9f0c033a
+  metadata.gz: bdccc42cb87b92a3e8a5b01c10fb5fb54eb3e58745c8bf67cfb4f4ae6021394a67103a788039fcd22d937751b2084c890bdb7613d359a7647e18c0bccc299352
+  data.tar.gz: 6d997b7772bd6f6af261ef99938d91bef879093830a31383277b74fb32c0938966db6e7eb56fbb597b5e783eb7706ba364de91251f5a0f3935f2e700ac8faf9d

data/.travis.yml

@@ -44,9 +44,6 @@ matrix:
     - rvm: 1.8.7
     - rvm: jruby-18mode
 
-before_install:
-  - gem install bundler -v '= 1.5.1'
-
 # script: bundle exec rspec spec
 env:
   global:

data/CHANGELOG

@@ -1,3 +1,29 @@
+2.7.2 (02/12/2014)
+
+*SECURITY WARNING*: Versions of rubber prior to this release will not save your iptables rules.  Upon reboot of your
+server, it will load with a clear set of rules, effectively making every port on your server publicly accessible.
+
+Who is affected?
+
+Anyone not using EC2.  The EC2 code path uses EC2 security groups.  All other providers use iptables.
+
+How do I fix it?
+
+Upgrade to rubber 2.7.2 and run `cap rubber:setup_security_groups`, which will both refresh the iptables rules and
+set up the files needed to persist and releoad rules.
+
+
+Improvements:
+============
+
+[base] Upgraded from ruby-build 20131220.1 to 20140210. <a1288ac>
+
+Bug Fixes:
+=========
+
+[core] Save and restore iptables rules upon reboot. <72526aa>
+
+
 2.7.1 (02/04/2014)
 
 Improvements:
@@ -10,6 +36,7 @@ Bug Fixes:
 
 [core] Fixed a permissions problem with some files in the gem.
 
+
 2.7.0 (02/03/2014)
 
 New Features:

data/lib/rubber/cloud/base.rb

@@ -155,6 +155,26 @@ module Rubber
 
         script << "\niptables -A INPUT -j DROP -m comment --comment 'Disable all other connections.'"
 
+        iptables_load = <<-FILE
+#!/bin/sh
+
+iptables-restore < /etc/iptables.rules
+exit 0
+        FILE
+
+        iptables_save = <<-FILE
+#!/bin/sh
+
+iptables-save -c > /etc/iptables.rules
+if [ -f /etc/iptables.downrules ]; then
+   iptables-restore < /etc/iptables.downrules
+fi
+exit 0
+        FILE
+
+        capistrano.put(iptables_load, '/etc/network/if-pre-up.d/iptablesload', :mode => "+x")
+        capistrano.put(iptables_save, '/etc/network/if-post-down.d/iptablessave', :mode => "+x")
+
         capistrano.run_script 'setup_firewall_rules', script, :hosts => instance.external_ip
       end
 

data/lib/rubber/version.rb

@@ -1,3 +1,3 @@
 module Rubber
-  VERSION = "2.7.1"
+  VERSION = "2.7.2"
 end

data/templates/base/config/rubber/rubber-ruby.yml

@@ -12,7 +12,7 @@ packages: [build-essential, git-core, subversion, curl, autoconf, bison, ruby, z
 
 # REQUIRED: The version of ruby-build to use for building ruby.
 # It must be one of the versions from https://github.com/sstephenson/ruby-build/blob/master/CHANGELOG.md
-ruby_build_version: 20131220.1
+ruby_build_version: 20140210
 
 # REQUIRED: Set to the version string for the ruby version you wish to use
 # Run "ruby-build --definitions" to see the list of possible options or look through the list of

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rubber
 version: !ruby/object:Gem::Version
-  version: 2.7.1
+  version: 2.7.2
 platform: ruby
 authors:
 - Matt Conway
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-02-04 00:00:00.000000000 Z
+date: 2014-02-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: capistrano