RWejlgaard/pez-infra
1
0
Fork 0
mirror of https://github.com/RWejlgaard/pez-infra.git synced 2026-05-06 04:14:43 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
pez-infra/ansible/roles/firewall_alpine/defaults/main.yml
Rasmus "Pez" Wejlgaard a7a71e4f87
capture nuremberg-a firewall rules in pez-infra (#15) 
Add firewall_alpine role for Alpine hosts with iptables persistence
and fail2ban SSH jails. Wire it into nuremberg-a's deploy stage.

Mail ports are already exposed via Docker port mappings in the
poste-io docker-compose — this captures the surrounding iptables
and fail2ban config that was previously undocumented.

Closes PESO-96
2026-03-29 14:40:10 +01:00

9 lines
207 B
YAML
Raw Blame History

---
# firewall_alpine defaults
# Enable iptables persistence via OpenRC
firewall_alpine_persist: true
# fail2ban SSH protection
firewall_alpine_fail2ban_enabled: true
firewall_alpine_fail2ban_maxretry: 10
Reference in a new issue View git blame Copy permalink