initial upload

2025-10-10 11:07:34 +00:00
commit 6224cd01c6
161 changed files with 8964 additions and 0 deletions
--- a/roles/firewall/templates/rules-v4.d/22_ssh.sh.j2
+++ b/roles/firewall/templates/rules-v4.d/22_ssh.sh.j2
@@ -0,0 +1,8 @@
+# {{ ansible_managed }}
+
+# Allow SSH only from IPs:
+iptables -N ssh-in
+{% for ip in firewall_ssh_acl|default([]) + firewall_ssh_acl_extra|default([]) %}
+iptables -A ssh-in -s {{ ip }} -j ACCEPT
+{% endfor %}
+iptables -A INPUT -p tcp --dport 22 -m comment --comment "ssh" -j ssh-in