BlackDragon/ansible
1
0
Fork 0
forked from bitlair/ansible
Code Pull requests Activity

Linter + Dashboard fixes

Browse source
This commit is contained in:
Mark Janssen 2024-07-31 20:33:54 +02:00
parent e1bf3e1765
commit abc64144a8
Signed by: foobar
GPG key ID: D8674D8FC4F69BD2
44 changed files with 265 additions and 379 deletions
Download patch file Download diff file Expand all files Collapse all files

8
roles/nft/templates/nftables.conf.j2
View file

@ -73,15 +73,15 @@ set trusted6 {
} accept
# Open ssh only for trusted machines
ip saddr @trusted4 tcp dport { {{ trusted_ports|join(', ') }} } accept
ip6 saddr @trusted6 tcp dport { {{ trusted_ports|join(', ') }} } accept
ip saddr @trusted4 tcp dport { {{ trusted_ports | join(', ') }} } accept
ip6 saddr @trusted6 tcp dport { {{ trusted_ports | join(', ') }} } accept
# Rules based on group-vars
{% for custom in nft_group_rules %}
{% if custom.comment is defined %}
# {{ custom.comment|default('') }}
# {{ custom.comment | default('') }}
{% endif %}
{{ custom.version|default('ip') }} saddr { {{ custom.from | join(', ') }} } {{ custom.proto | default('tcp') }} dport { {{ custom.port }} } {{ custom.policy | default('accept') }}
{{ custom.version | default('ip') }} saddr { {{ custom.from | join(', ') }} } {{ custom.proto | default('tcp') }} dport { {{ custom.port }} } {{ custom.policy | default('accept') }}
{% endfor %}