
Merge pull request #332 from apsanz/master

Enable UFW only after setting firewall rules
Alex Payne 10 years ago
parent
commit
87e2497fbc
1 changed files with 5 additions and 2 deletions
  1. 5
    2
      roles/common/tasks/ufw.yml

+ 5
- 2
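--- a/roles/common/tasks/ufw.yml
+++ b/roles/common/tasks/ufw.yml
@@ -5,8 +5,8 @@
 - name: Install ufw
   apt: pkg=ufw state=present
 
-- name: Deny everything and enable UFW
-  ufw: state=enabled policy=deny
+- name: Deny everything
+  ufw: policy=deny
 
 - name: Set firewall rule for DNS
   ufw: rule=allow port=domain
@@ -21,6 +21,9 @@
     - https
     - ssh
 
+- name: Enable UFW
+  ufw: state=enabled
+
 - name: Check config of ufw
   command: cat /etc/ufw/ufw.conf
   register: ufw_config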
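Review bot: The new `Enable UFW` task in the second hunk has no comment recording the ordering constraint this commit exists to enforce, so a later edit could move it above the allow rules or add a rule after it without noticing. I would put `# Must stay after every allow rule above: enabling with policy=deny before ssh is allowed cuts off the Ansible connection.` directly above it. The task that consumes the `https`/`ssh` item list starts outside the hunk, so it is presumably the allow rule for those ports, but that cannot be confirmed from here. Separately, `ufw: policy=deny` names no direction and so presumably affects incoming traffic only; writing `ufw: policy=deny direction=incoming` would state the intended scope explicitly.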
