ufw: Zugriff immer nur per IPv4 (#210)

Co-authored-by: Michael Grote <michael.grote@posteo.de>
Reviewed-on: mg/ansible#210
Co-authored-by: mg <mg@noreply.git.mgrote.net>
Co-committed-by: mg <mg@noreply.git.mgrote.net>
Michael Grote 2021-10-06 10:18:23 +02:00
parent 04796f4d23
commit 8f80c2855f
12 changed files with 22 additions and 4 deletions


@ -5,6 +5,7 @@
to_port: 22 to_port: 22
protocol: tcp protocol: tcp
comment: 'ssh' comment: 'ssh'
from_ip: 0.0.0.0/0
- rule: allow - rule: allow
to_port: 4949 to_port: 4949
protocol: tcp protocol: tcp
@ -13,6 +14,7 @@
- rule: allow - rule: allow
to_port: 9999 to_port: 9999
comment: 'acng' comment: 'acng'
from_ip: 0.0.0.0/0
### mgrote.acng ### mgrote.acng
acng_server_port: 9999 acng_server_port: 9999
acng_server_exthreshold: "60" #hebt Pakete 60 Tage auf acng_server_exthreshold: "60" #hebt Pakete 60 Tage auf
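Review bot: The added `from_ip: 0.0.0.0/0` on the ssh and acng rules only creates an IPv4-scoped allow; it does not by itself delete the any-source rule, including its IPv6 counterpart, that an earlier run without `from_ip` will presumably have installed on the host. Unless the ufw role resets the ruleset or removes stale rules (not visible on this page), ports 22 and 9999 may stay reachable over IPv6 on hosts that were already provisioned, so `ufw status` should be checked after the rollout. The same applies to every other section of this commit that adds this line. Because the literal is now repeated on each rule across twelve files, a single variable such as `from_ip: "{{ ufw_default_source }}"` (name constructed here) would let the source range be narrowed in one place.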


@ -28,9 +28,6 @@
config: | config: |
[lvm_*] [lvm_*]
user root user root
### mgrote.dotfiles ### mgrote.dotfiles
dotfiles_repo_url: https://git.mgrote.net/mg/dotfiles dotfiles_repo_url: https://git.mgrote.net/mg/dotfiles
dotfiles_repo_path: /home/mg/dotfiles dotfiles_repo_path: /home/mg/dotfiles
@ -97,6 +94,7 @@
to_port: 22 to_port: 22
protocol: tcp protocol: tcp
comment: 'ssh' comment: 'ssh'
from_ip: 0.0.0.0/0
- rule: allow - rule: allow
to_port: 4949 to_port: 4949
protocol: tcp protocol: tcp


@ -21,7 +21,6 @@
/var/lib/docker/volumes/docker-photoprism_pp_smb_bilder***/** /var/lib/docker/volumes/docker-photoprism_pp_smb_bilder***/**
# https://github.com/restic/restic/issues/1005 # https://github.com/restic/restic/issues/1005
# https://forum.restic.net/t/exclude-syntax-confusion/1531/12 # https://forum.restic.net/t/exclude-syntax-confusion/1531/12
### geerlingguy.munin-node ### geerlingguy.munin-node
munin_node_plugins: munin_node_plugins:
- name: chrony - name: chrony


@ -7,9 +7,11 @@
to_port: 22 to_port: 22
protocol: tcp protocol: tcp
comment: 'ssh' comment: 'ssh'
from_ip: 0.0.0.0/0
- rule: allow - rule: allow
to_port: 80 to_port: 80
comment: 'dokuwiki-webserver' comment: 'dokuwiki-webserver'
from_ip: 0.0.0.0/0
- rule: allow - rule: allow
to_port: 4949 to_port: 4949
protocol: tcp protocol: tcp


@ -99,12 +99,15 @@
to_port: 22 to_port: 22
protocol: tcp protocol: tcp
comment: 'ssh' comment: 'ssh'
from_ip: 0.0.0.0/0
- rule: allow - rule: allow
to_port: 445 to_port: 445
comment: 'smb' comment: 'smb'
from_ip: 0.0.0.0/0
- rule: allow - rule: allow
to_port: 139 to_port: 139
comment: 'smb' comment: 'smb'
from_ip: 0.0.0.0/0
- rule: allow - rule: allow
to_port: 4949 to_port: 4949
protocol: tcp protocol: tcp
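Review bot: The two smb rules for ports 445 and 139 now accept every IPv4 source and, unlike the ssh rule, carry no `protocol`, so whether tcp, udp or both are opened depends on the role's default. `0.0.0.0/0` limits the address family, not who may connect; if this host is only meant to be reached from the local network, the rules should name that range, e.g. `from_ip: <LAN_CIDR>`. The jenkins (8080), dokuwiki-webserver (80) and pihole-webgui (80) rules in other sections of this commit are in the same position.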


@ -7,14 +7,17 @@
to_port: 22 to_port: 22
protocol: tcp protocol: tcp
comment: 'ssh' comment: 'ssh'
from_ip: 0.0.0.0/0
- rule: allow - rule: allow
to_port: 3000 to_port: 3000
protocol: tcp protocol: tcp
comment: 'gitea' comment: 'gitea'
from_ip: 0.0.0.0/0
- rule: allow - rule: allow
to_port: 2222 to_port: 2222
protocol: tcp protocol: tcp
comment: 'gitea' comment: 'gitea'
from_ip: 0.0.0.0/0
- rule: allow - rule: allow
to_port: 4949 to_port: 4949
protocol: tcp protocol: tcp


@ -13,9 +13,11 @@
to_port: 22 to_port: 22
protocol: tcp protocol: tcp
comment: 'ssh' comment: 'ssh'
from_ip: 0.0.0.0/0
- rule: allow - rule: allow
to_port: 8080 to_port: 8080
comment: 'jenkins' comment: 'jenkins'
from_ip: 0.0.0.0/0
- rule: allow - rule: allow
to_port: 4949 to_port: 4949
protocol: tcp protocol: tcp


@ -65,3 +65,4 @@
to_port: 22 to_port: 22
protocol: tcp protocol: tcp
comment: 'ssh' comment: 'ssh'
from_ip: 0.0.0.0/0


@ -5,6 +5,7 @@
to_port: 22 to_port: 22
protocol: tcp protocol: tcp
comment: 'ssh' comment: 'ssh'
from_ip: 0.0.0.0/0
- rule: allow - rule: allow
to_port: 123 to_port: 123
comment: 'ntp' comment: 'ntp'
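Review bot: The ntp rule for port 123 shows no `from_ip` inside this hunk, while the ssh rule above it gets one. The rule may continue below the hunk, so this is a question rather than a finding: if it has no `from_ip` there, port 123 stays open on both address families, which contradicts the commit title. In that case add `from_ip: 0.0.0.0/0` (or a narrower range) after `comment: 'ntp'`.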


@ -5,9 +5,11 @@
to_port: 22 to_port: 22
protocol: tcp protocol: tcp
comment: 'ssh' comment: 'ssh'
from_ip: 0.0.0.0/0
- rule: allow - rule: allow
to_port: 80 to_port: 80
comment: 'pihole-webgui' comment: 'pihole-webgui'
from_ip: 0.0.0.0/0
- rule: allow - rule: allow
to_port: 4949 to_port: 4949
protocol: tcp protocol: tcp
@ -16,6 +18,7 @@
- rule: allow - rule: allow
to_port: 53 to_port: 53
comment: 'pihole-dns' comment: 'pihole-dns'
from_ip: 0.0.0.0/0
## playbook ## playbook
pihole_homer_fqdn: docker.grote.lan # unter welchem host ist docker erreichbar? notwendig für die pihole stats in homer; fur die cors abfrage pihole_homer_fqdn: docker.grote.lan # unter welchem host ist docker erreichbar? notwendig für die pihole stats in homer; fur die cors abfrage
### mgrote.restic ### mgrote.restic


@ -39,7 +39,9 @@
to_port: 22 to_port: 22
protocol: tcp protocol: tcp
comment: 'ssh' comment: 'ssh'
from_ip: 0.0.0.0/0
- rule: allow - rule: allow
to_port: 4949 to_port: 4949
protocol: tcp protocol: tcp
comment: 'munin' comment: 'munin'
from_ip: 0.0.0.0/0


@ -31,10 +31,12 @@
to_port: 22 to_port: 22
protocol: tcp protocol: tcp
comment: 'ssh' comment: 'ssh'
from_ip: 0.0.0.0/0
- rule: allow - rule: allow
to_port: 4949 to_port: 4949
protocol: tcp protocol: tcp
comment: 'munin' comment: 'munin'
from_ip: 0.0.0.0/0
### mgrote.apt_install_packages ### mgrote.apt_install_packages
programs_extra: programs_extra:
- libwww-curl-perl # für munin-plugin: unifi - libwww-curl-perl # für munin-plugin: unifi