add firewall configuration

master
Glenn K. Lockwood 6 years ago
parent d62408a9aa
commit bd52fd5733
  1. 23
      roles/common/tasks/main.yml
  2. 1
      roles/common/tasks/software.yml

@ -79,3 +79,26 @@
- include: software.yml - include: software.yml
- include: users.yml - include: users.yml
- include: raspi-config.yml - include: raspi-config.yml
# Configure firewall
- name: allow SSH through UFW
ufw:
rule: allow
port: ssh
proto: tcp
log: yes
- name: set default incoming UFW policy to deny
ufw:
direction: incoming
policy: deny
- name: set default outgoing UFW policy to deny
ufw:
direction: outgoing
policy: allow
- name: enable UFW
ufw:
state: enabled
logging: yes

@ -31,5 +31,6 @@
- vim - vim
- git - git
- python-pip - python-pip
- ufw
tags: tags:
- sw - sw

Loading…
Cancel
Save