fw
This commit is contained in:
parent
36f8b031fd
commit
2d6b53bc06
7 changed files with 36 additions and 2 deletions
|
@ -96,6 +96,11 @@ ufw_rules:
|
|||
protocol: tcp
|
||||
comment: 'munin'
|
||||
from_ip: 192.168.2.0/24
|
||||
- rule: allow
|
||||
to_port: 9080
|
||||
protocol: tcp
|
||||
comment: 'promtail'
|
||||
from_ip: 192.168.2.0/24
|
||||
ufw_default_incoming_policy: deny
|
||||
ufw_default_outgoing_policy: allow
|
||||
|
||||
|
|
|
@ -14,6 +14,11 @@ ufw_rules:
|
|||
protocol: tcp
|
||||
comment: 'munin'
|
||||
from_ip: 192.168.2.0/24
|
||||
- rule: allow
|
||||
to_port: 9080
|
||||
protocol: tcp
|
||||
comment: 'promtail'
|
||||
from_ip: 192.168.2.0/24
|
||||
- rule: allow
|
||||
to_port: 53
|
||||
comment: 'dns'
|
||||
|
|
|
@ -140,6 +140,11 @@ ufw_rules:
|
|||
protocol: tcp
|
||||
comment: 'munin'
|
||||
from_ip: 192.168.2.0/24
|
||||
- rule: allow
|
||||
to_port: 9080
|
||||
protocol: tcp
|
||||
comment: 'promtail'
|
||||
from_ip: 192.168.2.0/24
|
||||
- rule: allow
|
||||
from_ip: 192.168.0.0/16
|
||||
comment: 'docker networks'
|
||||
|
|
|
@ -14,6 +14,11 @@ ufw_rules:
|
|||
protocol: tcp
|
||||
comment: 'munin'
|
||||
from_ip: 192.168.2.0/24
|
||||
- rule: allow
|
||||
to_port: 9080
|
||||
protocol: tcp
|
||||
comment: 'promtail'
|
||||
from_ip: 192.168.2.0/24
|
||||
- rule: allow
|
||||
to_port: 445
|
||||
comment: 'smb'
|
||||
|
|
|
@ -41,6 +41,11 @@ ufw_rules:
|
|||
protocol: tcp
|
||||
comment: 'munin'
|
||||
from_ip: 192.168.2.0/24
|
||||
- rule: allow
|
||||
to_port: 9080
|
||||
protocol: tcp
|
||||
comment: 'promtail'
|
||||
from_ip: 192.168.2.0/24
|
||||
- rule: allow
|
||||
to_port: "{{ gitea_http_port }}"
|
||||
protocol: tcp
|
||||
|
|
|
@ -18,6 +18,11 @@ ufw_rules:
|
|||
protocol: tcp
|
||||
comment: 'munin'
|
||||
from_ip: 192.168.2.0/24
|
||||
- rule: allow
|
||||
to_port: 9080
|
||||
protocol: tcp
|
||||
comment: 'promtail'
|
||||
from_ip: 192.168.2.0/24
|
||||
- rule: allow
|
||||
to_port: "{{ lldap_http_port }}"
|
||||
protocol: tcp
|
||||
|
|
|
@ -7,10 +7,14 @@ ufw_rules:
|
|||
comment: 'ssh'
|
||||
from_ip: 0.0.0.0/0
|
||||
- rule: allow
|
||||
to_port: 80 #TODO passt?
|
||||
to_port: 80
|
||||
protocol: tcp
|
||||
comment: 'munin'
|
||||
|
||||
- rule: allow
|
||||
to_port: 9080
|
||||
protocol: tcp
|
||||
comment: 'promtail'
|
||||
from_ip: 192.168.2.0/24
|
||||
### mgrote_restic
|
||||
restic_folders_to_backup: "/usr/local /etc /root /home /var/lib/munin"
|
||||
|
||||
|
|
Loading…
Reference in a new issue