samsapti/pi-ansible
Archived
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Add 443/UDP for http3

Browse source
This commit is contained in:
Sam A. 2023-08-01 18:59:53 +02:00
parent aba33a6626
commit 823c0a0abe
Signed by: samsapti
GPG key ID: CBBBE7371E81C4EA
2 changed files with 6 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
group_vars/all/vars.yml
View file

@ -26,6 +26,7 @@ open_ports:
- { port: '80', proto: 'tcp', comment: 'HTTP' } - { port: '80', proto: 'tcp', comment: 'HTTP' }
- { port: '81', proto: 'tcp', comment: 'Pi-hole (not port-forwarded)' } - { port: '81', proto: 'tcp', comment: 'Pi-hole (not port-forwarded)' }
- { port: '443', proto: 'tcp', comment: 'HTTPS' } - { port: '443', proto: 'tcp', comment: 'HTTPS' }
- { port: '443', proto: 'udp', comment: 'HTTPS' }
- { port: '4001', proto: 'tcp', comment: 'IPFS Kubo P2P' } - { port: '4001', proto: 'tcp', comment: 'IPFS Kubo P2P' }
- { port: '4001', proto: 'udp', comment: 'IPFS Kubo P2P' } - { port: '4001', proto: 'udp', comment: 'IPFS Kubo P2P' }
- { port: '5001', proto: 'tcp', comment: 'IPFS Kubo RPC API (not port-forwarded)' } - { port: '5001', proto: 'tcp', comment: 'IPFS Kubo RPC API (not port-forwarded)' }

6
roles/os_config/tasks/firewall.yml
View file

@ -2,11 +2,15 @@
--- ---
- name: Allow necessary ports in UFW - name: Allow necessary ports in UFW
community.general.ufw: community.general.ufw:
rule: allow
to_port: "{{ item.port }}" to_port: "{{ item.port }}"
proto: "{{ item.proto }}" proto: "{{ item.proto }}"
comment: "{{ item.comment }}" comment: "{{ item.comment }}"
insert: "{{ ansible_loop.index }}"
rule: allow
loop: "{{ open_ports }}" loop: "{{ open_ports }}"
loop_control:
extended: true
extended_allitems: false
- name: Enable UFW - name: Enable UFW
community.general.ufw: community.general.ufw: