add neko custom stuff

2022-04-12 16:26:46 +02:00
parent 4c2be7e50b
commit 656a7abb4b
15 changed files with 62 additions and 56 deletions
--- a/roles/neko/tasks/main.yaml
+++ b/roles/neko/tasks/main.yaml
@ -0,0 +1,48 @@
+---
+- name: "Install haproxy via apt"
+  apt:
+    update_cache: yes
+    state: present
+    name:
+     - haproxy
+
+- name: Reset ufw rules to default
+  community.general.ufw:
+    state: reset
+
+- name: Allow ssh via ufw from localnet
+  community.general.ufw:
+    rule: allow
+    direction: in
+    port: ssh
+    from_ip: "192.168.69.0/24"
+    interface: eth0
+
+- name: Allow http via ufw from internet
+  community.general.ufw:
+    rule: allow
+    direction: in
+    port: http
+    interface: eth1
+
+- name: Allow https via ufw from internet
+  community.general.ufw:
+    rule: allow
+    direction: in
+    port: https
+    interface: eth1
+
+- name: Allow http via ufw from internet
+  community.general.ufw:
+    rule: allow
+    direction: in
+    port: http
+    interface: eth1
+
+- name: Allow neko ports via ufw from internet
+  community.general.ufw:
+    rule: allow
+    direction: in
+    port: 52000:52100
+    proto: udp
+    interface: eth1