This repository has been archived on 2023-12-29. You can view files and clone it, but cannot push or open issues or pull requests.
pi-ansible/roles/os_config/tasks/firewall.yml

26 lines
600 B
YAML
Raw Normal View History

2022-12-22 19:18:27 +00:00
# vim: ft=yaml.ansible
---
- name: Allow necessary ports in UFW
2023-03-22 18:31:21 +00:00
community.general.ufw:
2022-12-22 19:18:27 +00:00
rule: allow
port: "{{ item.port }}"
proto: "{{ item.proto | default('tcp') }}"
loop:
2023-01-03 21:30:22 +00:00
- port: '22' # SSH
2023-05-28 15:58:12 +00:00
- port: '53' # Pi-hole
proto: tcp
- port: '53' # Pi-hole
proto: udp
2023-01-03 21:30:22 +00:00
- port: '80' # HTTP
2023-05-28 15:58:12 +00:00
- port: '81' # Pi-hole
2023-01-03 21:30:22 +00:00
- port: '443' # HTTPS
- port: '18080' # monerod P2P
- port: '18089' # monerod RPC
- port: '51820' # Wireguard
2022-12-22 19:18:27 +00:00
proto: udp
- name: Enable UFW
2023-03-22 18:31:21 +00:00
community.general.ufw:
2022-12-22 19:18:27 +00:00
state: enabled
policy: deny