pi-ansible/roles/os_config/tasks/firewall.yml

# vim: ft=yaml.ansible
---
- name: Allow necessary ports in UFW
  community.general.ufw:
    to_port: "{{ item.port }}"
    proto: "{{ item.proto }}"
    comment: "{{ item.comment }}"
    insert: "{{ ansible_loop.index }}"
    rule: allow
  loop: "{{ open_ports }}"
  loop_control:
    extended: true
    extended_allitems: false

- name: Enable UFW
  community.general.ufw:
    policy: deny
    state: enabled
Add os_config role 2022-12-22 19:18:27 +00:00			`# vim: ft=yaml.ansible`
			`---`
			`- name: Allow necessary ports in UFW`
Linting 2023-03-22 18:31:21 +00:00			`community.general.ufw:`
Fix firewall task 2023-07-23 23:49:10 +00:00			`to_port: "{{ item.port }}"`
Define open ports in global variable file 2023-07-22 13:47:41 +00:00			`proto: "{{ item.proto }}"`
			`comment: "{{ item.comment }}"`
Add 443/UDP for http3 2023-08-01 16:59:53 +00:00			`insert: "{{ ansible_loop.index }}"`
			`rule: allow`
Define open ports in global variable file 2023-07-22 13:47:41 +00:00			`loop: "{{ open_ports }}"`
Add 443/UDP for http3 2023-08-01 16:59:53 +00:00			`loop_control:`
			`extended: true`
			`extended_allitems: false`
Add os_config role 2022-12-22 19:18:27 +00:00
			`- name: Enable UFW`
Linting 2023-03-22 18:31:21 +00:00			`community.general.ufw:`
Add os_config role 2022-12-22 19:18:27 +00:00			`policy: deny`
Add IPFS node 2023-07-02 00:09:57 +00:00			`state: enabled`