RWejlgaard/pez-infra
1
0
Fork 0
mirror of https://github.com/RWejlgaard/pez-infra.git synced 2026-05-06 04:14:43 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
pez-infra/ansible/roles
History
Rasmus Wejlgaard 339c08c5c2 Configure UFW firewall rules in common Ansible role 
Add UFW configuration to the common role for Debian hosts:
- Default deny incoming, allow outgoing
- Allow all traffic on tailscale0 interface (mesh comms)
- Allow SSH port 22 as safety net
- Per-host allowed ports via ufw_allowed_ports variable
- Enable UFW after rules are applied

helsinki-a gets ports 80/443 for reverse proxy traffic.
Other Debian hosts only need Tailscale + SSH.

Closes PESO-79
2026-03-29 09:07:42 +00:00
..
caddy initial commit 2026-03-28 12:39:41 +00:00
common Configure UFW firewall rules in common Ansible role 2026-03-29 09:07:42 +00:00
docker/tasks initial commit 2026-03-28 12:39:41 +00:00
docker_services/tasks initial commit 2026-03-28 12:39:41 +00:00
dotfiles/tasks fix remaining yaml lint nitpicks 2026-03-28 13:13:37 +00:00
node_exporter/tasks initial commit 2026-03-28 12:39:41 +00:00
systemd_services initial commit 2026-03-28 12:39:41 +00:00