thomas
/
sovereign
關注 1
收藏 0
複製 0
程式碼 問題 0 合併請求 0 版本發佈 0 Wiki 活動
瀏覽代碼

Enable UFW after setting firewall rules 

On fresh installs of Debian 7.6, the current order of steps will lock you
out of SSH. This will enable UFW after creating rules for http, https, ssh,
and DNS. Fix comes from @Debugreality in issue #303:

https://github.com/al3x/sovereign/issues/303
Anthony Perez-sanz 10 年之前
父節點
6d6885a02a
當前提交
cdf9ed07bb
共有 1 個檔案被更改,包括 5 行新增2 行删除
統一視圖 顯示文件統計
  1. 5
    2
      roles/common/tasks/ufw.yml

+ 5
- 2
roles/common/tasks/ufw.yml 查看文件

5 
 - name: Install ufw
 5 
 - name: Install ufw
6 
   apt: pkg=ufw state=present
 6 
   apt: pkg=ufw state=present
7
7
8 
-- name: Deny everything and enable UFW
9 
-  ufw: state=enabled policy=deny
8 
+- name: Deny everything
9 
+  ufw: policy=deny
10
10
11 
 - name: Set firewall rule for DNS
 11 
 - name: Set firewall rule for DNS
12 
   ufw: rule=allow port=domain
 12 
   ufw: rule=allow port=domain
21 
     - https
 21 
     - https
22 
     - ssh
 22 
     - ssh
23
23
24 
+- name: Enable UFW
25 
+  ufw: state=enabled
26 
+
24 
 - name: Check config of ufw
 27 
 - name: Check config of ufw
25 
   command: cat /etc/ufw/ufw.conf
 28 
   command: cat /etc/ufw/ufw.conf
26 
   register: ufw_config
 29 
   register: ufw_config

Write Preview
Loading…
取消
儲存