Skip to content

Commit 2a943a6

Browse files
committed
Configure firewall in Ansible
1 parent 120178a commit 2a943a6

File tree

2 files changed

+33
-0
lines changed

2 files changed

+33
-0
lines changed

collections/requirements.yml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,5 @@
11
---
22
collections:
3+
- name: ansible.posix
34
- name: community.general
45
- name: community.digitalocean

website.yml

Lines changed: 32 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -37,6 +37,38 @@
3737
- podman
3838
state: present
3939

40+
# Firewall setup
41+
# ##############
42+
- name: Enable firewall
43+
ansible.builtin.systemd:
44+
name: firewalld.service
45+
enabled: true
46+
state: started
47+
48+
- name: Allow SSH on firewall
49+
ansible.posix.firewalld:
50+
service: ssh
51+
permanent: true
52+
immediate: true
53+
offline: true
54+
state: enabled
55+
56+
- name: Allow HTTP on firewall
57+
ansible.posix.firewalld:
58+
service: http
59+
permanent: true
60+
immediate: true
61+
offline: true
62+
state: enabled
63+
64+
- name: Allow HTTPS on firewall
65+
ansible.posix.firewalld:
66+
service: https
67+
permanent: true
68+
immediate: true
69+
offline: true
70+
state: enabled
71+
4072
# Prepare and clone Git repositories
4173
# ##################################
4274
- name: Create Git repository directories

0 commit comments

Comments
 (0)