added ufw
This commit is contained in:
@@ -0,0 +1,34 @@
|
||||
- name: Nginx
|
||||
hosts: pi
|
||||
become: true
|
||||
tasks:
|
||||
- name: Install ufw
|
||||
ansible.builtin.apt:
|
||||
name: ufw
|
||||
state: present
|
||||
|
||||
- name: Allow SSH
|
||||
community.general.ufw:
|
||||
rule: allow
|
||||
name: OpenSSH
|
||||
|
||||
- name: UFW - Allow HTTP connections
|
||||
community.general.ufw:
|
||||
rule: allow
|
||||
port: "80"
|
||||
proto: tcp
|
||||
|
||||
- name: UFW - Allow HTTPS connections
|
||||
community.general.ufw:
|
||||
rule: allow
|
||||
port: "443"
|
||||
proto: tcp
|
||||
|
||||
- name: UFW - Enable and deny by default
|
||||
community.general.ufw:
|
||||
state: enabled
|
||||
default: deny
|
||||
|
||||
- name: UFW - Reload firewall
|
||||
changed_when: true
|
||||
ansible.builtin.command: ufw reload
|
||||
Reference in New Issue
Block a user