test other version
Some checks failed
Ansible Minecraft CI/CD Pipeline / Ansible Lint Check (push) Successful in 58s
Ansible Minecraft CI/CD Pipeline / Project Structure Validation (push) Failing after 3s
Ansible Minecraft CI/CD Pipeline / Security Scan (push) Successful in 4s
Ansible Minecraft CI/CD Pipeline / Deploy to Staging (push) Has been skipped
Ansible Minecraft CI/CD Pipeline / Deploy to Production (push) Has been skipped
Ansible Minecraft CI/CD Pipeline / Backup System Check (push) Has been skipped
Some checks failed
Ansible Minecraft CI/CD Pipeline / Ansible Lint Check (push) Successful in 58s
Ansible Minecraft CI/CD Pipeline / Project Structure Validation (push) Failing after 3s
Ansible Minecraft CI/CD Pipeline / Security Scan (push) Successful in 4s
Ansible Minecraft CI/CD Pipeline / Deploy to Staging (push) Has been skipped
Ansible Minecraft CI/CD Pipeline / Deploy to Production (push) Has been skipped
Ansible Minecraft CI/CD Pipeline / Backup System Check (push) Has been skipped
This commit is contained in:
32
roles/01-server_hardening/tasks/03-firewall-setup.yml
Normal file
32
roles/01-server_hardening/tasks/03-firewall-setup.yml
Normal file
@@ -0,0 +1,32 @@
|
||||
---
|
||||
- name: Install UFW
|
||||
ansible.builtin.apt:
|
||||
name: ufw
|
||||
state: present
|
||||
when: firewall_enabled | bool
|
||||
|
||||
- name: Reset UFW rules
|
||||
community.general.ufw:
|
||||
state: reset
|
||||
when: firewall_enabled | bool
|
||||
|
||||
- name: Allow SSH port
|
||||
community.general.ufw:
|
||||
rule: allow
|
||||
port: "{{ ssh_port }}"
|
||||
proto: tcp
|
||||
when: firewall_enabled | bool
|
||||
|
||||
- name: Allow Minecraft port
|
||||
community.general.ufw:
|
||||
rule: allow
|
||||
port: "25565"
|
||||
proto: tcp
|
||||
when: firewall_enabled | bool
|
||||
|
||||
- name: Enable UFW
|
||||
community.general.ufw:
|
||||
state: enabled
|
||||
policy: deny
|
||||
when: firewall_enabled | bool
|
||||
notify: "reload firewall"
|
||||
Reference in New Issue
Block a user