SL/ansible/roles/ufw/tasks/main.yml

45 lines
784 B
YAML
Raw Normal View History

2022-06-13 22:09:07 +02:00
- name: Install ufw
ansible.builtin.apt:
update_cache: yes
pkg:
- ufw
- name: Allow everything and enable UFW
community.general.ufw:
state: enabled
policy: deny
- name: Allow ports
community.general.ufw:
rule: allow
port: "{{ item | int }}"
loop:
- "{{ secret_ssh_port }}"
- "{{ wireguard.port }}"
- 110
- 143
- 22
- 25
- 443
- 465
- 587
- 80
- 993
- 995
- name: Endlessh
community.docker.docker_container:
name: endlessh
pull: yes
restart_policy: unless-stopped
recreate: yes
env:
PUID: "{{ users.0.uid }}"
PGID: "{{ users.0.gid }}"
TZ: "{{ ntp_timezone }}"
image: lscr.io/linuxserver/endlessh
ports:
- "22:2222"
tmpfs:
- /config