datacoop.ansible/roles/ubuntu_base/tasks/firewall.yml

21 lines
477 B
YAML

---
- name: Setup firewall with UFW
community.general.ufw:
state: enabled
policy: deny
- name: Allow necessary ports
community.general.ufw:
rule: allow
port: "{{ item }}"
loop:
- "22/tcp" # Gitea SSH
- "80/tcp" # HTTP
- "443/tcp" # HTTPS
- "389/tcp" # OpenLDAP
- "636/tcp" # OpenLDAP
- "25/tcp" # Email
- "465/tcp" # Email
- "587/tcp" # Email
- "993/tcp" # Email
- "19022/tcp" # SSH