vm-ansible/roles/neko/tasks/main.yaml

66 lines
1.2 KiB
YAML
Raw Normal View History

2022-04-12 16:26:46 +02:00
---
- name: "Install haproxy via apt"
apt:
update_cache: yes
state: present
name:
- haproxy
2022-04-12 17:33:48 +02:00
- name: Enable haproxy
service:
name: haproxy
state: started
enabled: yes
2022-04-12 17:13:13 +02:00
- name: "Install certbot via apt"
apt:
update_cache: yes
state: present
name:
- python3-certbot
2022-04-12 16:26:46 +02:00
- name: Reset ufw rules to default
community.general.ufw:
state: reset
2022-04-12 16:49:59 +02:00
- name: Enable ufw
community.general.ufw:
state: enabled
2022-04-12 16:26:46 +02:00
- name: Allow ssh via ufw from localnet
community.general.ufw:
rule: allow
direction: in
port: ssh
from_ip: "192.168.69.0/24"
interface: eth0
- name: Allow http via ufw from internet
community.general.ufw:
rule: allow
direction: in
port: http
interface: eth1
- name: Allow https via ufw from internet
community.general.ufw:
rule: allow
direction: in
port: https
interface: eth1
- name: Allow http via ufw from internet
community.general.ufw:
rule: allow
direction: in
port: http
interface: eth1
- name: Allow neko ports via ufw from internet
community.general.ufw:
rule: allow
direction: in
2022-04-14 14:48:45 +02:00
port: 59000:59049
2022-04-12 16:26:46 +02:00
proto: udp
interface: eth1