sebastian/ansible
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

initial upload

Browse Source
This commit is contained in:
sebastian
2025-10-10 11:07:34 +00:00
commit 6224cd01c6
161 changed files with 8964 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
group_vars/all/firewall.yml Normal file
View File

@@ -0,0 +1,30 @@
---
firewall_ssh_acl:
- 0.0.0.0/0 # allow SSH from everywhere
firewall_influx_acl:
- 10.11.0.0/16 # allow influx from ip(s)
- 192.168.255.0/24 # allow influx from ip(s)
firewall_mariadb_acl:
- 10.11.0.0/16 # allow mariadb from ip(s)
- 192.168.255.0/24 # allow mariadb from ip(s)
firewall_ssh_acl_extra: "{{ datacenter_global_networks + datacenter_public_networks }}"
firewall_influx_acl_extra: "{{ datacenter_global_networks + datacenter_public_networks }}"
firewall_mariadb_acl_extra: "{{ datacenter_global_networks + datacenter_public_networks }}"
firewall_monitoring_ips:
- 10.11.11.200
- 10.11.12.150
# TODO: Needs an inventory of all external services.
firewall_output_default_drop: no