diff options
author | jaseg <code@jaseg.net> | 2019-04-04 20:08:46 +0900 |
---|---|---|
committer | jaseg <git@jaseg.net> | 2019-04-04 20:08:46 +0900 |
commit | 07f1aacba09acc120ead9c74d476060e698614b7 (patch) | |
tree | f20a6604ab811f33c02fa1cc45d989d512c4e09e /playbook.yml | |
parent | bd281ef2e8213c6e92d68aefff9bfd1a8d8351d6 (diff) | |
download | infra-07f1aacba09acc120ead9c74d476060e698614b7.tar.gz infra-07f1aacba09acc120ead9c74d476060e698614b7.tar.bz2 infra-07f1aacba09acc120ead9c74d476060e698614b7.zip |
Fix up clippy networking
Diffstat (limited to 'playbook.yml')
-rw-r--r-- | playbook.yml | 24 |
1 files changed, 23 insertions, 1 deletions
diff --git a/playbook.yml b/playbook.yml index 60fe499..1c694d5 100644 --- a/playbook.yml +++ b/playbook.yml @@ -12,7 +12,7 @@ - name: Install host requisites dnf: - name: nginx,uwsgi,python3-flask,python3-flask-wtf,uwsgi-plugin-python3,certbot,python3-certbot-nginx,libselinux-python,git + name: nginx,uwsgi,python3-flask,python3-flask-wtf,uwsgi-plugin-python3,certbot,python3-certbot-nginx,libselinux-python,git,iptables-services state: latest - name: Disable password-based root login @@ -28,6 +28,28 @@ state: restarted when: disable_root_pw_ssh is changed + - name: Create iptables firewall config dir + file: + path: /etc/iptables + state: directory + owner: root + group: root + mode: 0775 + + - name: Configure iptables firewall service + copy: + src: iptables.rules + dest: /etc/iptables/iptables.rules + owner: root + group: root + mode: 0664 + + - name: Enable iptables firewall service + systemd: + name: iptables + enabled: yes + state: started + - name: Create containers include_tasks: setup_containers.yml vars: |