This commit is contained in:
decentral1se
33
tasks/main.yml
Normal file
33
tasks/main.yml
Normal file
@ -0,0 +1,33 @@
|
||||
---
|
||||
- name: Update the package cache
|
||||
apt:
|
||||
update_cache: true
|
||||
cache_valid_time: 3600
|
||||
|
||||
- name: Install ufw
|
||||
apt:
|
||||
name: ufw
|
||||
|
||||
- name: "Allow access on ports: {{ ufw_allow_ports | join(' ') }}"
|
||||
ufw:
|
||||
rule: allow
|
||||
port: "{{ item }}"
|
||||
proto: tcp
|
||||
state: enabled
|
||||
with_items: "{{ ufw_allow_ports }}"
|
||||
notify: Restart ufw
|
||||
|
||||
- name: "Disallow access on ports: {{ ufw_disallow_ports | join(' ') }}"
|
||||
ufw:
|
||||
rule: deny
|
||||
port: "{{ item }}"
|
||||
with_items: "{{ ufw_disallow_ports }}"
|
||||
notify: Restart ufw
|
||||
|
||||
- name: Default policy deny
|
||||
ufw:
|
||||
policy: deny
|
||||
|
||||
- name: Enable the firewall
|
||||
ufw:
|
||||
state: enabled
|
||||
Reference in New Issue
Block a user