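---
# Host firewall baseline using UFW: open the listed TCP ports, then enable
# UFW with a default policy of deny.
#
# The allow rules are applied BEFORE the firewall is enabled. If UFW were
# enabled with policy deny first, a play that fails or is interrupted before
# the allow loop finishes could leave the host without an SSH allow rule,
# blocking new management connections.

- name: Allow necessary ports
  community.general.ufw:
    rule: allow
    port: "{{ item.port }}"
    proto: "{{ item.proto }}"
  # No source restriction (from_ip) is set, so every port below is opened to
  # any source address.
  loop:
    # Gitea SSH
    - port: 22
      proto: "tcp"
    # HTTP
    - port: 80
      proto: "tcp"
    # HTTPS
    - port: 443
      proto: "tcp"
    # OpenLDAP (389 is the well-known LDAP port)
    # NOTE(review): confirm plain LDAP must be reachable from any source;
    # if only known clients use it, restrict this entry with from_ip.
    - port: 389
      proto: "tcp"
    # OpenLDAP (636 is the well-known LDAPS port)
    - port: 636
      proto: "tcp"
    # Email (25 is the well-known SMTP port)
    - port: 25
      proto: "tcp"
    # Email (465 is the well-known SMTP-over-TLS submission port)
    - port: 465
      proto: "tcp"
    # Email (587 is the well-known mail submission port)
    - port: 587
      proto: "tcp"
    # Email (993 is the well-known IMAPS port)
    - port: 993
      proto: "tcp"
    # SSH
    # NOTE(review): presumably the host's own sshd listens here while port 22
    # is handed to Gitea; verify sshd is actually bound to 19022. Consider
    # `rule: limit` for SSH ports if connection rate limiting is wanted.
    - port: 19022
      proto: "tcp"

- name: Setup firewall with UFW
  community.general.ufw:
    state: enabled
    # Default policy: traffic not matched by an allow rule is denied.
    # NOTE(review): no direction is given; confirm this applies to incoming
    # traffic only, or set direction explicitly.
    policy: deny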