more firewall configs

This commit is contained in:
Mark Janssen 2024-07-24 22:00:44 +02:00
parent ff6649ab71
commit aa242b0327
Signed by: foobar
GPG key ID: D8674D8FC4F69BD2
6 changed files with 20 additions and 1 deletions

3
group_vars/bank.yaml Normal file
View file

@ -0,0 +1,3 @@
---
nft: true

View file

@ -1,6 +1,9 @@
root_access:
- ak
- foobar
- linor
- polyfloyd
- wilco
nft: true

View file

@ -1 +1,5 @@
---
forgejo_url: https://git.bitlair.nl
nft: false

3
group_vars/lights.yaml Normal file
View file

@ -0,0 +1,3 @@
---
nft: true

6
group_vars/mqtt.yaml Normal file
View file

@ -0,0 +1,6 @@
---
nft: true
nft_group_rules:
- { version: "ip6", from: [ '2001:470:7f95::/48' ], port: "1883" }

View file

@ -81,7 +81,7 @@ set trusted6 {
{% if custom.comment is defined %}
# {{ custom.comment|default('') }}
{% endif %}
ip saddr { {{ custom.from | join(', ') }} } {{ custom.proto | default('tcp') }} dport { {{ custom.port }} } {{ custom.policy | default('accept') }}
{{ custom.version|default('ip') }} saddr { {{ custom.from | join(', ') }} } {{ custom.proto | default('tcp') }} dport { {{ custom.port }} } {{ custom.policy | default('accept') }}
{% endfor %}