UnixPB: Remove Nagios Tunnel Scripts For Improved Security - Githubissues

adoptium / infrastructure

This repo contains all information about machine maintenance.

Apache License 2.0

84 stars 100 forks source link

UnixPB: Remove Nagios Tunnel Scripts For Improved Security #3526

Closed steelhead31 closed 2 months ago

steelhead31 commented 2 months ago

Fixes #3524

Following the security audit, the reverse tunnel scripts were deemed to be a security risk, vulnerable to man in the middle attacks. The creation of the nagios server specific config files, has already been migrated to the Nagios_Config playbook, and a new issue has been created for a new / amended playbook to configure the ssh connection. ( See https://github.com/adoptium/infrastructure/issues/3525 )

This PR removes the 2 problematic roles, from the playbook.

Checklist

[X] commit message has one of the standard prefixes
[ ] playbook changes run through VPC or QPC (if you have access)

steelhead31 commented 2 months ago

VPC in progress: https://ci.adoptium.net/job/VagrantPlaybookCheck/1868/

steelhead31 commented 2 months ago

/merge

github-actions[bot] commented 2 months ago

Approval to merge during the lockdown cycle

Please can two Adoptium PMC members comment /approve?

sxa commented 2 months ago

/approve

tellison commented 2 months ago

/approve