BlackDragon/ansible
1
0
Fork 0
forked from bitlair/ansible
Code Pull requests Activity

Firewall rules

Browse source
This commit is contained in:
Mark Janssen 2024-12-02 21:53:39 +01:00
parent fa31ab8590
commit b51372bfb2
Signed by: foobar
GPG key ID: D8674D8FC4F69BD2
2 changed files with 5 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
group_vars/all.yaml
View file

@ -20,6 +20,7 @@ trusted_ranges:
# - { v: ipv6, cidr: "2a02:166b:92::/48", comment: "bitlair" } # /48's kunnen niet in de ipset # - { v: ipv6, cidr: "2a02:166b:92::/48", comment: "bitlair" } # /48's kunnen niet in de ipset
- { v: ipv6, cidr: "2001:678:814:68::/64", comment: "bitlair wifi" } - { v: ipv6, cidr: "2001:678:814:68::/64", comment: "bitlair wifi" }
- { v: ipv6, cidr: "2a05:2d01:0:4042::/64", comment: "bitlair servers" } - { v: ipv6, cidr: "2a05:2d01:0:4042::/64", comment: "bitlair servers" }
- { v: ipv6, cidr: "2a05:2d01:1337::/48", comment: "eventinfra v6-range" }
- { v: ipv6, cidr: "2a0e:5700:4:2::/64", comment: "foobar ipv6" } - { v: ipv6, cidr: "2a0e:5700:4:2::/64", comment: "foobar ipv6" }
trusted_ports: trusted_ports:
- ssh - ssh

4
group_vars/shell.yaml
View file

@ -1,3 +1,7 @@
--- ---
manage_sshd_config: false manage_sshd_config: false
group_nft_input:
- "# Allow SSH from world"
- "tcp dport { ssh } accept"