From f7411d407f825cd630f8a32d683c7b931df46da6 Mon Sep 17 00:00:00 2001 From: miya0001 Date: Sat, 8 Aug 2015 05:27:32 +0900 Subject: [PATCH 1/3] add mailcatcher --- Vagrantfile | 4 ++++ provision/site-cookbooks/vccw/recipes/default.rb | 10 +++++----- 2 files changed, 9 insertions(+), 5 deletions(-) diff --git a/Vagrantfile b/Vagrantfile index c60fb97..9b405cf 100644 --- a/Vagrantfile +++ b/Vagrantfile @@ -176,6 +176,10 @@ Vagrant.configure(2) do |config| { name: 'wordmove', options: '--no-ri --no-rdoc' + }, + { + name: 'mailcatcher', + options: '--no-ri --no-rdoc' } ] } diff --git a/provision/site-cookbooks/vccw/recipes/default.rb b/provision/site-cookbooks/vccw/recipes/default.rb index 200beba..2a2e48e 100644 --- a/provision/site-cookbooks/vccw/recipes/default.rb +++ b/provision/site-cookbooks/vccw/recipes/default.rb @@ -3,11 +3,7 @@ require 'shellwords' -include_recipe 'ruby_build' -include_recipe 'rbenv::system' -include_recipe 'vccw::phpenv' - -packages = %w{gettext subversion npm lftp sshpass} +packages = %w{gettext subversion npm lftp sshpass sqlite-devel} packages.each do |pkg| package pkg do @@ -15,6 +11,10 @@ end end +include_recipe 'ruby_build' +include_recipe 'rbenv::system' +include_recipe 'vccw::phpenv' + # # Setup WordPress i18n Tools # From 4e982e012a209d631a44a17b0f7bf2d6ac94ba69 Mon Sep 17 00:00:00 2001 From: miya0001 Date: Sun, 9 Aug 2015 13:08:33 +0900 Subject: [PATCH 2/3] open port 1080 --- .../wpcli/templates/default/wordpress-iptables.erb | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/provision/site-cookbooks/wpcli/templates/default/wordpress-iptables.erb b/provision/site-cookbooks/wpcli/templates/default/wordpress-iptables.erb index a50aec8..94a434b 100644 --- a/provision/site-cookbooks/wpcli/templates/default/wordpress-iptables.erb +++ b/provision/site-cookbooks/wpcli/templates/default/wordpress-iptables.erb @@ -9,7 +9,7 @@ # Any established connection is money -A FWR -m state --state RELATED,ESTABLISHED -j ACCEPT -# ICMP +# ICMP -A FWR -p icmp -j ACCEPT # HTTP -A FWR -m tcp -p tcp --dport 80 -j ACCEPT @@ -21,6 +21,9 @@ # SSH -A FWR -m tcp -p tcp --dport 22 -j ACCEPT +# MailCatcher +-A FWR -m tcp -p tcp --dport 1080 -j ACCEPT + # Rejects all remaining connections with port-unreachable errors. -A FWR -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN -j REJECT --reject-with icmp-port-unreachable -A FWR -p udp -j REJECT --reject-with icmp-port-unreachable From 66212e1566a0558936193c8f884872e8c183ba84 Mon Sep 17 00:00:00 2001 From: miya0001 Date: Sun, 9 Aug 2015 15:25:58 +0900 Subject: [PATCH 3/3] disable iptables --- .../site-cookbooks/wpcli/recipes/install.rb | 9 +----- .../templates/default/wordpress-iptables.erb | 30 ------------------- 2 files changed, 1 insertion(+), 38 deletions(-) delete mode 100644 provision/site-cookbooks/wpcli/templates/default/wordpress-iptables.erb diff --git a/provision/site-cookbooks/wpcli/recipes/install.rb b/provision/site-cookbooks/wpcli/recipes/install.rb index 4c40d4f..cb8d0a6 100644 --- a/provision/site-cookbooks/wpcli/recipes/install.rb +++ b/provision/site-cookbooks/wpcli/recipes/install.rb @@ -11,14 +11,7 @@ service "iptables" do supports :status => true, :restart => true - action [:enable, :start] -end - -template "/etc/sysconfig/iptables" do - source "wordpress-iptables.erb" - owner "root" - group "root" - mode "0600" + action [:disable, :stop] end execute "mysql-install-wp-privileges" do diff --git a/provision/site-cookbooks/wpcli/templates/default/wordpress-iptables.erb b/provision/site-cookbooks/wpcli/templates/default/wordpress-iptables.erb deleted file mode 100644 index 94a434b..0000000 --- a/provision/site-cookbooks/wpcli/templates/default/wordpress-iptables.erb +++ /dev/null @@ -1,30 +0,0 @@ -*filter -:INPUT DROP -:FORWARD DROP -:OUTPUT ACCEPT -:FWR - --A INPUT -j FWR --A FWR -i lo -j ACCEPT - -# Any established connection is money --A FWR -m state --state RELATED,ESTABLISHED -j ACCEPT - -# ICMP --A FWR -p icmp -j ACCEPT -# HTTP --A FWR -m tcp -p tcp --dport 80 -j ACCEPT --A FWR -m tcp -p tcp --dport 443 -j ACCEPT - -# MySQL --A FWR -m tcp -p tcp --dport 3306 -j ACCEPT - -# SSH --A FWR -m tcp -p tcp --dport 22 -j ACCEPT - -# MailCatcher --A FWR -m tcp -p tcp --dport 1080 -j ACCEPT - -# Rejects all remaining connections with port-unreachable errors. --A FWR -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN -j REJECT --reject-with icmp-port-unreachable --A FWR -p udp -j REJECT --reject-with icmp-port-unreachable -COMMIT