Added ufw config
parent
2da928a24b
commit
a68aa78972
|
@ -1,6 +1,8 @@
|
||||||
- name: Install fail2ban.
|
- name: Install fail2ban & ufw.
|
||||||
apt:
|
apt:
|
||||||
name: fail2ban
|
name:
|
||||||
|
- fail2ban
|
||||||
|
- ufw
|
||||||
state: present
|
state: present
|
||||||
|
|
||||||
# TODO add proper fail2ban config
|
# TODO add proper fail2ban config
|
||||||
|
@ -11,4 +13,18 @@
|
||||||
state: started
|
state: started
|
||||||
enabled: true
|
enabled: true
|
||||||
|
|
||||||
# TODO install UFW
|
- name: Ensure ufw is started & enabled.
|
||||||
|
service:
|
||||||
|
name: fail2ban
|
||||||
|
state: started
|
||||||
|
enabled: true
|
||||||
|
|
||||||
|
- name: Allow SSH connections.
|
||||||
|
community.general.ufw:
|
||||||
|
rule: allow
|
||||||
|
port: 2222
|
||||||
|
|
||||||
|
- name: Block everything else by default & enable firewall.
|
||||||
|
community.general.ufw:
|
||||||
|
default: deny
|
||||||
|
state: enabled
|
||||||
|
|
|
@ -10,9 +10,6 @@ entryPoints:
|
||||||
websecure:
|
websecure:
|
||||||
address: ":443"
|
address: ":443"
|
||||||
|
|
||||||
api:
|
|
||||||
insecure: true
|
|
||||||
|
|
||||||
providers:
|
providers:
|
||||||
docker:
|
docker:
|
||||||
swarmMode: true
|
swarmMode: true
|
||||||
|
|
Loading…
Reference in New Issue