2022-11-10 20:48:24 +00:00
|
|
|
---
|
|
|
|
- name: Setup firewall with UFW
|
2022-11-26 08:52:41 +00:00
|
|
|
community.general.ufw:
|
2022-11-10 20:48:24 +00:00
|
|
|
state: enabled
|
|
|
|
policy: deny
|
2022-11-22 20:37:37 +00:00
|
|
|
|
2022-11-10 20:48:24 +00:00
|
|
|
- name: Allow necessary ports
|
|
|
|
community.general.ufw:
|
|
|
|
rule: allow
|
2022-11-26 08:52:41 +00:00
|
|
|
port: '{{ item.port }}'
|
2022-11-22 20:37:37 +00:00
|
|
|
proto: "{{ item.proto | default('tcp') }}"
|
2022-11-10 20:48:24 +00:00
|
|
|
loop:
|
2022-11-26 08:52:41 +00:00
|
|
|
- port: 22 # Gitea SSH
|
|
|
|
- port: 80 # HTTP
|
|
|
|
- port: 443 # HTTPS
|
|
|
|
- port: 389 # OpenLDAP
|
|
|
|
- port: 636 # OpenLDAP
|
|
|
|
- port: 25 # Email
|
|
|
|
- port: 465 # Email
|
|
|
|
- port: 587 # Email
|
|
|
|
- port: 993 # Email
|
|
|
|
- port: 19022 # SSH
|
2022-11-26 09:47:37 +00:00
|
|
|
loop_control:
|
|
|
|
loop_var: ubuntu_base_port
|