30 lines
644 B
YAML
30 lines
644 B
YAML
---
|
|
- name: Install dependencies
|
|
ansible.builtin.apt:
|
|
name: php-fpm
|
|
state: present
|
|
|
|
- name: Install security.txt
|
|
ansible.builtin.template:
|
|
src: security.txt
|
|
dest: /opt/security.txt
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
|
|
- name: Allow HTTP/HTTPS
|
|
ansible.builtin.iptables:
|
|
chain: INPUT
|
|
protocol: tcp
|
|
destination_port: "{{ item.port }}"
|
|
ctstate: NEW
|
|
jump: ACCEPT
|
|
ip_version: "{{ item.ip }}"
|
|
action: insert
|
|
with_items:
|
|
- { ip: ipv4, port: 80 }
|
|
- { ip: ipv4, port: 443 }
|
|
- { ip: ipv6, port: 80 }
|
|
- { ip: ipv6, port: 443 }
|
|
notify: persist iptables
|
|
when: not nft | bool
|