feat: improved firewall tasks

2025-07-11 20:12:55 +02:00 · 2025-07-11 20:12:55 +02:00 · 9d4be2265d
commit 9d4be2265d
parent 89eaee1139
6 changed files with 89 additions and 83 deletions
--- a/defaults/main.yaml
+++ b/defaults/main.yaml
@ -13,6 +13,19 @@ apt_repository: "https://archive.ubuntu.com/ubuntu"
 apt_repository_main: "https://archive.ubuntu.com/ubuntu"
 apt_repository_security: "https://archive.ubuntu.com/ubuntu"

+# firewall
+firewall_enable: true
+firewall_basic_rules:
+  - name: "anti-lockout rule"
+    from_ip: "any"
+    to_port: "22"
+    proto: "tcp"
+firewall_host_rules:
+  - name: "anti-lockout rule"
+    from_ip: "any"
+    to_port: "22"
+    proto: "tcp"
+
 # ntp
 ntp_server: "pool.ntp.org"
 timezone: "Europe/Amsterdam"