ansible/roles/ubuntu_base/tasks/firewall.yml

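---
# Host firewall baseline for the ubuntu_base role.
#
# The allow rules are applied before UFW is enabled with a default-deny
# policy. If the play stops between the two tasks, the host is then never
# left with "deny" active and no rule admitting the management SSH port.

- name: Allow necessary ports
  community.general.ufw:
    rule: allow
    # loop_control below renames the loop variable, so `item` is undefined
    # in this task; the entries must be read through ubuntu_base_port.
    port: '{{ ubuntu_base_port.port }}'
    proto: "{{ ubuntu_base_port.proto | default('tcp') }}"
  loop:
    # Each rule allows the port from any source address.
    # NOTE(review): 389 is LDAP without implicit TLS. If only internal
    # clients need the directory, consider narrowing 389/636 with the
    # module's `from_ip` option. Confirm against the deployment.
    - port: 22  # Gitea SSH
    - port: 80  # HTTP
    - port: 443  # HTTPS
    - port: 389  # OpenLDAP
    - port: 636  # OpenLDAP
    - port: 25  # Email
    - port: 465  # Email
    - port: 587  # Email
    - port: 993  # Email
    - port: 19022  # SSH
  loop_control:
    loop_var: ubuntu_base_port

# Enable UFW and set the default policy to deny. No direction is given,
# which ufw treats as incoming, so anything not allowed above is dropped.
- name: Setup firewall with UFW
  community.general.ufw:
    state: enabled
    policy: deny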