rubber 2.7.1 → 2.7.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.travis.yml +0 -3
- data/CHANGELOG +27 -0
- data/lib/rubber/cloud/base.rb +20 -0
- data/lib/rubber/version.rb +1 -1
- data/templates/base/config/rubber/rubber-ruby.yml +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 6940ea5e0cb81d87cfaa82db6de3ee16f6d5d168
|
4
|
+
data.tar.gz: b1b6733ea20d6cf90fc1ca8fecb4387116f7ea29
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: bdccc42cb87b92a3e8a5b01c10fb5fb54eb3e58745c8bf67cfb4f4ae6021394a67103a788039fcd22d937751b2084c890bdb7613d359a7647e18c0bccc299352
|
7
|
+
data.tar.gz: 6d997b7772bd6f6af261ef99938d91bef879093830a31383277b74fb32c0938966db6e7eb56fbb597b5e783eb7706ba364de91251f5a0f3935f2e700ac8faf9d
|
data/.travis.yml
CHANGED
data/CHANGELOG
CHANGED
@@ -1,3 +1,29 @@
|
|
1
|
+
2.7.2 (02/12/2014)
|
2
|
+
|
3
|
+
*SECURITY WARNING*: Versions of rubber prior to this release will not save your iptables rules. Upon reboot of your
|
4
|
+
server, it will load with a clear set of rules, effectively making every port on your server publicly accessible.
|
5
|
+
|
6
|
+
Who is affected?
|
7
|
+
|
8
|
+
Anyone not using EC2. The EC2 code path uses EC2 security groups. All other providers use iptables.
|
9
|
+
|
10
|
+
How do I fix it?
|
11
|
+
|
12
|
+
Upgrade to rubber 2.7.2 and run `cap rubber:setup_security_groups`, which will both refresh the iptables rules and
|
13
|
+
set up the files needed to persist and releoad rules.
|
14
|
+
|
15
|
+
|
16
|
+
Improvements:
|
17
|
+
============
|
18
|
+
|
19
|
+
[base] Upgraded from ruby-build 20131220.1 to 20140210. <a1288ac>
|
20
|
+
|
21
|
+
Bug Fixes:
|
22
|
+
=========
|
23
|
+
|
24
|
+
[core] Save and restore iptables rules upon reboot. <72526aa>
|
25
|
+
|
26
|
+
|
1
27
|
2.7.1 (02/04/2014)
|
2
28
|
|
3
29
|
Improvements:
|
@@ -10,6 +36,7 @@ Bug Fixes:
|
|
10
36
|
|
11
37
|
[core] Fixed a permissions problem with some files in the gem.
|
12
38
|
|
39
|
+
|
13
40
|
2.7.0 (02/03/2014)
|
14
41
|
|
15
42
|
New Features:
|
data/lib/rubber/cloud/base.rb
CHANGED
@@ -155,6 +155,26 @@ module Rubber
|
|
155
155
|
|
156
156
|
script << "\niptables -A INPUT -j DROP -m comment --comment 'Disable all other connections.'"
|
157
157
|
|
158
|
+
iptables_load = <<-FILE
|
159
|
+
#!/bin/sh
|
160
|
+
|
161
|
+
iptables-restore < /etc/iptables.rules
|
162
|
+
exit 0
|
163
|
+
FILE
|
164
|
+
|
165
|
+
iptables_save = <<-FILE
|
166
|
+
#!/bin/sh
|
167
|
+
|
168
|
+
iptables-save -c > /etc/iptables.rules
|
169
|
+
if [ -f /etc/iptables.downrules ]; then
|
170
|
+
iptables-restore < /etc/iptables.downrules
|
171
|
+
fi
|
172
|
+
exit 0
|
173
|
+
FILE
|
174
|
+
|
175
|
+
capistrano.put(iptables_load, '/etc/network/if-pre-up.d/iptablesload', :mode => "+x")
|
176
|
+
capistrano.put(iptables_save, '/etc/network/if-post-down.d/iptablessave', :mode => "+x")
|
177
|
+
|
158
178
|
capistrano.run_script 'setup_firewall_rules', script, :hosts => instance.external_ip
|
159
179
|
end
|
160
180
|
|
data/lib/rubber/version.rb
CHANGED
@@ -12,7 +12,7 @@ packages: [build-essential, git-core, subversion, curl, autoconf, bison, ruby, z
|
|
12
12
|
|
13
13
|
# REQUIRED: The version of ruby-build to use for building ruby.
|
14
14
|
# It must be one of the versions from https://github.com/sstephenson/ruby-build/blob/master/CHANGELOG.md
|
15
|
-
ruby_build_version:
|
15
|
+
ruby_build_version: 20140210
|
16
16
|
|
17
17
|
# REQUIRED: Set to the version string for the ruby version you wish to use
|
18
18
|
# Run "ruby-build --definitions" to see the list of possible options or look through the list of
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: rubber
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.7.
|
4
|
+
version: 2.7.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Matt Conway
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2014-02-
|
12
|
+
date: 2014-02-12 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: capistrano
|