configurations-ansible/roles/iptables-webserver/tasks/main.yml

21 lines
612 B
YAML

---
# tasks file for iptables-webserver
- name: Setup iptables for webserver 80 and 443
when:
- "is_docker is not true"
- "iptables_webserver_enabled is true"
block:
- name: Allow new, established packets on TCP ports 80/443 (Webserver)
ansible.builtin.iptables:
chain: INPUT
protocol: tcp
destination_port: "{{ port }}"
ctstate: NEW,ESTABLISHED
jump: ACCEPT
comment: Webserver dedicated port
loop: "{{ iptables_webserver_ports }}"
- name: iptables-persistent
ansible.builtin.include_role:
name: iptables-persistent