Added ansible rules for ufw

2026-01-25 13:40:17 +00:00 · 2019-02-03 19:30:14 +00:00
parent 7b1e3f1ecf
commit d17e12fb94
2 changed files with 34 additions and 0 deletions
--- a/roles/shell/tasks/main.yml
+++ b/roles/shell/tasks/main.yml
@@ -4,3 +4,4 @@
 - include: packages.yml
 - include: users.yml
 - include: apache2-mods.yml
+- include: ufw.yml
--- a/roles/shell/tasks/ufw.yml
+++ b/roles/shell/tasks/ufw.yml
@@ -0,0 +1,33 @@
+# Install our baseline packages for all machines, irrespective of what role they might have
+---
+- name: Create UFW tcp rules 
+  ufw:
+    rule: allow
+    proto: tcp
+    port: '{{ item }}'
+  with_items:
+    - 22
+    - 443
+    - 80
+    - 143
+    - 25
+    - 79
+    - 2222
+
+- name: Create UFW udp rules
+  ufw:
+    rule: allow
+    proto: udp
+    port: '{{ item }}'
+  with_items:
+      - "60000:61000"
+      - 1326
+
+- name: Create limits
+  ufw:
+    rule: limit
+    proto: tcp
+    port: '{{ item }}'
+  with_items:
+    - 22
+    - 2222