---
# tasks file for iptables-ipfs
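# Prints the value of ipfs_enabled so the play output records which way the
# firewall rule further down this file will be set.
- name: Show ipfs_enabled for the iptables-ipfs role
  ansible.builtin.debug:
    msg: "ENABLED = {{ ipfs_enabled }}; iptables-ipfs role"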
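# Everything in this block is skipped when is_docker is boolean true.
# NOTE(review): `is not true` compares against the boolean itself, so a string
# value such as "true" would presumably still enter the block - verify how
# is_docker is set.
- name: Manage the IPFS firewall rule outside Docker
  when:
    - "is_docker is not true"
  block:
    # Adds the ACCEPT rule when ipfs_enabled is boolean true and removes the
    # same rule otherwise. Removing it does not add a DROP rule; whether the
    # port is then closed depends on the rest of the INPUT chain.
    # Only protocol tcp is matched, so UDP traffic to the same port is not
    # covered by this rule. No source restriction is set: any address the
    # INPUT chain lets this far can open a connection to the port.
    - name: Add or remove the ACCEPT rule for inbound TCP on the IPFS port
      ansible.builtin.iptables:
        chain: INPUT
        protocol: tcp
        # NOTE(review): a string "true" does not satisfy `is true`, so the
        # rule would be removed (fails closed) - confirm ipfs_enabled is a
        # real boolean wherever it is defined.
        state: "{{ 'present' if ipfs_enabled is true else 'absent' }}"
        destination_port: "{{ ipfs_port }}"
        ctstate:
          - NEW
          - ESTABLISHED
        jump: ACCEPT
        comment: IPFS dedicated port

    # Runs the iptables-persistent role, which is defined outside this file;
    # presumably it saves the rule set so the change survives a reboot.
    # It runs whether the rule above was added or removed.
    - name: iptables-persistent
      ansible.builtin.include_role:
        name: iptables-persistent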