Exported on 28-Sep-2021 11:58:51
Parameters
1 - CU Push sources.list File
Deploy the Debian sources.list file to a temporary directory.
Login as user {Linux User} on node {Linux Node}
2 - CU Overwrite sources.list
Determine the distro, if it's Debian 11.0 then copy the sources.list from temp dir to /etc/apt/, otherwise do nothing. Sudo to root is needed for the credential.
Login as user {Linux User} on node {Linux Node}
# check if it's Debian 11.0
if lsb_release -d | grep bullseye >/dev/null 2>&1; then
# make a backup
cp -f /etc/apt/sources.list{,.backup}
cp -f /tmp/sources.list /etc/apt/
fi
3 - CU Apt Update
Download package information from all configured sources. Sudo to root is needed for the credential.
Login as user {Linux User} on node {Linux Node}
apt update
4 - CU Install UFW
Install the UFW package. Sudo to root is needed for the credential.
Login as user {Linux User} on node {Linux Node}
apt install -y ufw
5 - CU Configure UFW
Make initial configuration to UFW. Sudo to root is needed for the credential.
Login as user {Linux User} on node {Linux Node}
# only allows SSH(port 22) for incoming traffic
ufw default deny incoming
ufw default allow outgoing
ufw allow 22
6 - CU Enable UFW
After installation, UFW remains inactive. So we need to enable UFW, which reloads firewall and enables firewall on boot. Sudo to root is needed for the credential.
Login as user {Linux User} on node {Linux Node}
echo 'y' | ufw enable
Using Attune to install and configure UFW on Debian / Ubuntu
This blueprint is used to install and configure UFW firewall on a host.
The UFW (uncomplicated firewall) is an interface to IPTables, which is supposed to simplify the process of configuring a firewall. The aim of UFW is a straightforward command-line-based front-end for the very powerful, but not exactly easy to configure IPTables to offer.
This has been test on Debian 11.0.0 / Ubuntu 20.04.2 LTS
Known issues
Pre-Blueprint Attune setup
Blueprint Steps