unitoo/configurations-ansible
1
0
Fork 1
Code Issues 4 Pull requests Releases Packages Activity
configurations-ansible/roles/iptables-webserver/tasks/main.yml

24 lines
751 B
YAML
Raw Normal View History

init repo with: iptables, pihole, snort, yggdrasil, basic hardening, os-updates
2022-11-18 18:33:37 +01:00
---
# tasks file for iptables-webserver
add some debug messages; cleanup of some blocks; update some README with missing useful informations
2023-01-13 18:01:41 +01:00
- ansible.builtin.debug:
msg: "ENABLED = {{ iptables_webserver_enabled }}; PORTS = {{ iptables_webserver_ports }}; iptables-webserver role"
- when:
init repo with: iptables, pihole, snort, yggdrasil, basic hardening, os-updates
2022-11-18 18:33:37 +01:00
- "is_docker is not true"
block:
- name: Allow new, established packets on TCP ports 80/443 (Webserver)
ansible.builtin.iptables:
chain: INPUT
protocol: tcp
add some debug messages; cleanup of some blocks; update some README with missing useful informations
2023-01-13 18:01:41 +01:00
state: "{{ 'present' if iptables_webserver_enabled is true else 'absent' }}"
fix typo with iptables-webserver; add custom list installation for pihole; add snort community rules configuration and setup
2022-11-19 11:48:56 +01:00
destination_port: "{{ item }}"
init repo with: iptables, pihole, snort, yggdrasil, basic hardening, os-updates
2022-11-18 18:33:37 +01:00
ctstate: NEW,ESTABLISHED
jump: ACCEPT
comment: Webserver dedicated port
loop: "{{ iptables_webserver_ports }}"
- name: iptables-persistent
ansible.builtin.include_role:
name: iptables-persistent
Reference in a new issue Copy permalink