31 lines
775 B
YAML
31 lines
775 B
YAML
---
|
|
|
|
firewall_ssh_acl:
|
|
- 0.0.0.0/0 # allow SSH from everywhere
|
|
|
|
|
|
firewall_influx_acl:
|
|
- 10.11.0.0/16 # allow influx from ip(s)
|
|
- 192.168.255.0/24 # allow influx from ip(s)
|
|
|
|
|
|
firewall_mariadb_acl:
|
|
- 10.11.0.0/16 # allow mariadb from ip(s)
|
|
- 192.168.255.0/24 # allow mariadb from ip(s)
|
|
|
|
firewall_ssh_acl_extra: "{{ datacenter_global_networks + datacenter_public_networks }}"
|
|
|
|
|
|
firewall_influx_acl_extra: "{{ datacenter_global_networks + datacenter_public_networks }}"
|
|
|
|
|
|
firewall_mariadb_acl_extra: "{{ datacenter_global_networks + datacenter_public_networks }}"
|
|
|
|
|
|
firewall_monitoring_ips:
|
|
- 10.11.11.200
|
|
- 10.11.12.150
|
|
|
|
# TODO: Needs an inventory of all external services.
|
|
firewall_output_default_drop: no
|