feat: move to dedicated repo

2024-11-22 11:13:16 +01:00 · 2024-11-22 11:13:16 +01:00 · 4a88a5b28d
commit 4a88a5b28d
54 changed files with 1524 additions and 0 deletions
--- a/tasks/firewall/firewall-rules-routed.yaml
+++ b/tasks/firewall/firewall-rules-routed.yaml
@ -0,0 +1,26 @@
+---
+
+# basic firewall rules
+- name: "firewall - allow incoming routed traffic"
+  community.general.ufw:
+    rule: "allow"
+    route: "yes"
+    src: "{{ item[0] }}"
+    dest: "{{ item[1] }}"
+  with_nested:
+    - "{{ __rule['source_nets'] }}"
+    - "{{ __rule['destination_nets'] }}"
+  tags:
+    - "firewall"
+
+- name: "firewall - allow outgoing routed traffic"
+  community.general.ufw:
+    rule: "allow"
+    route: "yes"
+    src: "{{ item[1] }}"
+    dest: "{{ item[0] }}"
+  with_nested:
+    - "{{ __rule['source_nets'] }}"
+    - "{{ __rule['destination_nets'] }}"
+  tags:
+    - "firewall"