mirror of
https://github.com/schnidrig/openhab-ansible
synced 2026-01-12 00:48:46 +01:00
38 lines
617 B
YAML
38 lines
617 B
YAML
---
|
|
|
|
- name: "Allow SSH"
|
|
community.general.ufw:
|
|
rule: allow
|
|
name: OpenSSH
|
|
|
|
- name: "Allow HTTP for letsencrypt"
|
|
community.general.ufw:
|
|
rule: allow
|
|
port: "80"
|
|
proto: tcp
|
|
|
|
- name: "Allow HTTPS"
|
|
community.general.ufw:
|
|
rule: allow
|
|
port: "443"
|
|
proto: tcp
|
|
|
|
- name: "Allow all private IPv4 networks"
|
|
community.general.ufw:
|
|
rule: allow
|
|
src: '{{ item }}'
|
|
with_items:
|
|
- 10.0.0.0/8
|
|
- 172.16.0.0/12
|
|
- 192.168.0.0/16
|
|
|
|
- name: "Set logging"
|
|
community.general.ufw:
|
|
logging: "on"
|
|
|
|
- name: "Enable UFW"
|
|
community.general.ufw:
|
|
state: enabled
|
|
policy: deny
|
|
|