51 lines
953 B
YAML
51 lines
953 B
YAML
---
|
|
- name: set required podman firewall rules
|
|
become: true
|
|
ansible.posix.firewalld:
|
|
port: "{{ item }}"
|
|
permanent: true
|
|
immediate: true
|
|
state: enabled
|
|
loop:
|
|
- "{{ syslog_udp_default }}/udp"
|
|
- "{{ syslog_udp_error }}/udp"
|
|
- "{{ syslog_udp_unifi }}/udp"
|
|
# nginx
|
|
- 80/tcp
|
|
- 443/tcp
|
|
# pihole (unused?)
|
|
- 53/tcp
|
|
- 53/udp
|
|
# pihole (iptables preroute)
|
|
- 1153/tcp
|
|
- 1153/udp
|
|
# ???
|
|
- 6875/tcp
|
|
# Satisfactory
|
|
- 7777/udp
|
|
- 15000/udp
|
|
- 15777/udp
|
|
# Factorio
|
|
- 27015/tcp
|
|
- 34197/udp
|
|
notify: restart firewalld
|
|
tags: firewall
|
|
|
|
- name: unset non-required podman firewall rules
|
|
become: true
|
|
ansible.posix.firewalld:
|
|
port: "{{ item }}"
|
|
permanent: true
|
|
immediate: true
|
|
state: disabled
|
|
loop:
|
|
- 2456/udp
|
|
- 2457/udp
|
|
- 9093/tcp
|
|
- 9092/tcp
|
|
- 9091/tcp
|
|
- 9091/udp
|
|
- 9092/udp
|
|
notify: restart firewalld
|
|
tags: firewall
|