mirror of
https://github.com/RWejlgaard/pez-infra.git
synced 2026-05-06 04:14:43 +00:00
Rasmus "Pez" Wejlgaard
a7a71e4f87
Add firewall_alpine role for Alpine hosts with iptables persistence and fail2ban SSH jails. Wire it into nuremberg-a's deploy stage. Mail ports are already exposed via Docker port mappings in the poste-io docker-compose — this captures the surrounding iptables and fail2ban config that was previously undocumented. Closes PESO-96
14 lines
411 B
Django/Jinja
14 lines
411 B
Django/Jinja
# {{ ansible_managed }}
|
|
# iptables rules for {{ inventory_hostname }}
|
|
#
|
|
# Docker and Tailscale manage their own chains automatically.
|
|
# This file captures non-Docker, non-Tailscale rules only.
|
|
#
|
|
# Mail ports (25,80,110,143,443,465,587,993,995) are exposed via
|
|
# Docker port mappings in the poste-io docker-compose.yml — not here.
|
|
|
|
*filter
|
|
:INPUT ACCEPT [0:0]
|
|
:FORWARD ACCEPT [0:0]
|
|
:OUTPUT ACCEPT [0:0]
|
|
COMMIT
|