diff options
Diffstat (limited to 'gerboweb/deploy/playbook.yml')
-rw-r--r-- | gerboweb/deploy/playbook.yml | 24 |
1 files changed, 23 insertions, 1 deletions
diff --git a/gerboweb/deploy/playbook.yml b/gerboweb/deploy/playbook.yml index 60fe499..1c694d5 100644 --- a/gerboweb/deploy/playbook.yml +++ b/gerboweb/deploy/playbook.yml @@ -12,7 +12,7 @@ - name: Install host requisites dnf: - name: nginx,uwsgi,python3-flask,python3-flask-wtf,uwsgi-plugin-python3,certbot,python3-certbot-nginx,libselinux-python,git + name: nginx,uwsgi,python3-flask,python3-flask-wtf,uwsgi-plugin-python3,certbot,python3-certbot-nginx,libselinux-python,git,iptables-services state: latest - name: Disable password-based root login @@ -28,6 +28,28 @@ state: restarted when: disable_root_pw_ssh is changed + - name: Create iptables firewall config dir + file: + path: /etc/iptables + state: directory + owner: root + group: root + mode: 0775 + + - name: Configure iptables firewall service + copy: + src: iptables.rules + dest: /etc/iptables/iptables.rules + owner: root + group: root + mode: 0664 + + - name: Enable iptables firewall service + systemd: + name: iptables + enabled: yes + state: started + - name: Create containers include_tasks: setup_containers.yml vars: |