RWejlgaard/pez-infra
1
0
Fork 0
mirror of https://github.com/RWejlgaard/pez-infra.git synced 2026-05-06 04:14:43 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
pez-infra/ansible/inventory/host_vars/nuremberg-a.yml
Rasmus "Pez" Wejlgaard a7a71e4f87
capture nuremberg-a firewall rules in pez-infra (#15) 
Add firewall_alpine role for Alpine hosts with iptables persistence
and fail2ban SSH jails. Wire it into nuremberg-a's deploy stage.

Mail ports are already exposed via Docker port mappings in the
poste-io docker-compose — this captures the surrounding iptables
and fail2ban config that was previously undocumented.

Closes PESO-96
2026-03-29 14:40:10 +01:00

9 lines
388 B
YAML
Raw Blame History

---
host_role: mail
host_description: "Mail server (poste.io)"
host_location: "Hetzner Cloud"
ansible_python_interpreter: /usr/bin/python3
# NOTE: Alpine host — UFW tasks are Debian-only.
# Firewall: iptables + fail2ban managed by firewall_alpine role.
# Mail ports (25,80,110,143,443,465,587,993,995) exposed via Docker
# port mappings in ansible/services/poste-io/docker-compose.yml.
Reference in a new issue View git blame Copy permalink