configurations-ansible/roles/iptables-ipfs/tasks/main.yml

---
# tasks file for iptables-ipfs

- name: setup iptables for IPFS
  when:
    - "is_docker is not true"
    - "ipfs_enabled is true"
  block:
    - name: Allow new, established packets on TCP/UDP port 4001 (IPFS)
      ansible.builtin.iptables:
        chain: INPUT
        protocol: tcp
        destination_port: "{{ ipfs_port }}"
        ctstate: NEW,ESTABLISHED
        jump: ACCEPT
        comment: IPFS dedicated port

    - name: iptables-persistent
      ansible.builtin.include_role:
        name: iptables-persistent
init repo with: iptables, pihole, snort, yggdrasil, basic hardening, os-updates 2022-11-18 18:33:37 +01:00			`---`
			`# tasks file for iptables-ipfs`

			`- name: setup iptables for IPFS`
			`when:`
			`- "is_docker is not true"`
add architecture_mapping; add harden systemd for basic hardening role; add ipfs dedicated role 2022-11-22 15:04:17 +01:00			`- "ipfs_enabled is true"`
init repo with: iptables, pihole, snort, yggdrasil, basic hardening, os-updates 2022-11-18 18:33:37 +01:00			`block:`
			`- name: Allow new, established packets on TCP/UDP port 4001 (IPFS)`
			`ansible.builtin.iptables:`
			`chain: INPUT`
			`protocol: tcp`
updating some roles with README 2022-11-21 16:52:36 +01:00			`destination_port: "{{ ipfs_port }}"`
init repo with: iptables, pihole, snort, yggdrasil, basic hardening, os-updates 2022-11-18 18:33:37 +01:00			`ctstate: NEW,ESTABLISHED`
			`jump: ACCEPT`
			`comment: IPFS dedicated port`

			`- name: iptables-persistent`
			`ansible.builtin.include_role:`
			`name: iptables-persistent`