sebastian/ansible
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

initial upload

Browse Source
This commit is contained in:
sebastian
2025-10-10 11:07:34 +00:00
commit 6224cd01c6
161 changed files with 8964 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
roles/consul/templates/etc_firewall_rules-v4.d_78_consul.sh.j2 Normal file
View File

@@ -0,0 +1,25 @@
# {{ ansible_managed }}
{% if not consul_stub_mode %}
{% if consul_server %}
iptables -A internal-in -p tcp --dport 8300:8302 -m comment --comment "consul" -j ACCEPT
iptables -A internal-in -p udp --dport 8300:8302 -m comment --comment "consul" -j ACCEPT
{% else %}
{% for ip in datacenter_local_networks %}
iptables -A internal-in -s {{ ip }} -p tcp --dport 8300:8302 -m comment --comment "consul" -j ACCEPT
iptables -A internal-in -s {{ ip }} -p udp --dport 8300:8302 -m comment --comment "consul" -j ACCEPT
{% endfor %}
{% endif %}
{% if consul_expose_apis %}
iptables -A internal-in -p tcp --dport 8500:8501 -m comment --comment "consul-http" -j ACCEPT
iptables -A internal-in -p tcp --dport 8600 -m comment --comment "consul-dns" -j ACCEPT
iptables -A internal-in -p udp --dport 8600 -m comment --comment "consul-dns" -j ACCEPT
{% endif %}
iptables -A internal-out -p tcp --dport 8300:8302 -m comment --comment "consul" -j ACCEPT
iptables -A internal-out -p udp --dport 8300:8302 -m comment --comment "consul" -j ACCEPT
iptables -A internal-out -p tcp --dport 8500:8501 -m comment --comment "consul-http" -j ACCEPT
iptables -A internal-out -p tcp --dport 8600 -m comment --comment "consul-dns" -j ACCEPT
iptables -A internal-out -p udp --dport 8600 -m comment --comment "consul-dns" -j ACCEPT
{% endif %}