teier
/
legacy-server-config
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
legacy-server-config/ufw/playbook-ufw.yml

123 lines
2.2 KiB
YAML
Raw Blame History

---
- name: Configure UFW
hosts: teier.eu
gather_facts: no
tasks:
- name: Install ufw
apt: name=ufw state=latest
- name: Set logging
community.general.ufw:
logging: 'on'
- name: Allow SSH connections
community.general.ufw:
rule: allow
port: '4711'
proto: tcp
- name: Allow web server access
community.general.ufw:
rule: allow
port: '443'
proto: tcp
- name: Allow web server access
community.general.ufw:
rule: allow
port: '80'
proto: tcp
- name: Allow Minecraft
community.general.ufw:
rule: allow
port: '25565'
proto: tcp
- name: Allow Starbound
community.general.ufw:
rule: allow
port: '21025'
proto: tcp
- name: Allow Matrix federation
community.general.ufw:
rule: allow
port: '8448'
proto: tcp
- name: Allow SMTP
community.general.ufw:
rule: allow
port: '587'
proto: tcp
- name: Allow Mail
community.general.ufw:
rule: allow
port: '25'
proto: tcp
- name: Allow Mail
community.general.ufw:
rule: allow
port: '143'
proto: tcp
- name: Allow Mail
community.general.ufw:
rule: allow
port: '587'
proto: tcp
- name: Allow Mail
community.general.ufw:
rule: allow
port: '993'
proto: tcp
- name: Allow Taript
community.general.ufw:
rule: allow
port: '22'
proto: tcp
- name: Allow Retrocraft
community.general.ufw:
rule: allow
port: '25566'
proto: tcp
- name: Allow Garry's Mod
community.general.ufw:
rule: allow
port: '17015'
proto: udp
- name: Allow Garry's Mod
community.general.ufw:
rule: allow
port: '27015'
proto: udp
- name: Allow Garry's Mod
community.general.ufw:
rule: allow
port: '27015'
proto: tcp
- name: Allow all access from RFC1918 networks to this host
community.general.ufw:
rule: allow
src: '{{ item }}'
loop:
- 10.0.0.0/8
- 172.16.0.0/12
- 192.168.0.0/16
- name: Deny everything else and enable UFW
community.general.ufw:
state: enabled
policy: deny
Reference in New Issue View Git Blame Copy Permalink