Overview

This role configures router functionality on Alpine Linux.

Supported Operating Systems

| Operating System | Version |
|------------------|---------|
| Alpine           | 3.23    |

Tags

| Tag         | Purpose                        |
|-------------|--------------------------------|
| full        | Execute all tasks              |
| routing     | Configure routing and iptables |
| firewall    | Configure firewall rules       |
| performance | Configure performance tuning   |

Role Variables

Interfaces

wan_interface: "eth0"
lan_interface: "eth1"

Static Routes

static_routes:

  - name: "route to internal network 10.0.0.0/8 via 192.168.1.1"
    destination: "10.0.0.0/8"
    gateway: "192.168.1.1"

  - name: "route to dmz with custom metric"
    destination: "172.16.0.0/12"
    gateway: "192.168.1.254"
    metric: 100

  - name: "route with specific interface"
    destination: "192.168.100.0/24"
    gateway: "192.168.1.1"
    interface: "eth1"

Incoming Firewall Rules

incoming_firewall_rules:

  - name: "allow ssh from lan"
    source: "192.168.1.0/24"
    protocol: "tcp"
    port: 22

  - name: "allow https from lan"
    source: "192.168.1.0/24"
    protocol: "tcp"
    port: 443

  - name: "allow dns from lan"
    source: "192.168.1.0/24"
    protocol: "udp"
    port: 53

  - name: "allow ping from lan"
    source: "192.168.1.0/24"
    protocol: "icmp"
    port: 0

NAT Port Forwards

nat_port_forwards:

  - name: "forward http to web server"
    dst: "192.168.1.10"
    port: 80
    protocol: "tcp"

  - name: "forward https to web server"
    dst: "192.168.1.10"
    port: 443
    protocol: "tcp"

  - name: "forward ssh to internal server"
    dst: "192.168.1.20"
    port: 2222
    protocol: "tcp"
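
A pre-flight check for the three list variables above, written as an added example; it is not part of the role and does not reproduce its tasks. `check_router_vars` is a hypothetical helper, and the field meanings are inferred from the examples in this README. Assumptions: `port` on a forward is the WAN-side port, so two forwards with the same protocol and port conflict, and `dst` is expected to be a private address.

```python
import ipaddress

def check_router_vars(static_routes=(), incoming_firewall_rules=(), nat_port_forwards=()):
    """Return 'name: problem' strings for the three lists; an empty list means clean."""
    problems = []
    def bad(item, msg):
        problems.append(f"{item.get('name', '<unnamed>')}: {msg}")
    def parse(item, key, fn):
        try:
            return fn(item[key])
        except (KeyError, ValueError):
            bad(item, f"{key} missing or invalid: {item.get(key)!r}")

    def check_port(item):
        # Range-check tcp/udp only; the README's icmp rule carries port 0.
        port = item.get("port")
        if item.get("protocol") in ("tcp", "udp") and not (
                isinstance(port, int) and 1 <= port <= 65535):
            bad(item, f"port {port!r} outside 1-65535")

    for route in static_routes:
        parse(route, "destination", ipaddress.ip_network)  # strict: host bits rejected
        parse(route, "gateway", ipaddress.ip_address)

    for rule in incoming_firewall_rules:
        src = parse(rule, "source", ipaddress.ip_network)
        if src is not None and src.prefixlen == 0:
            bad(rule, "source matches every address")
        check_port(rule)

    seen = {}  # (protocol, port) -> name of the first forward that claimed it
    for fwd in nat_port_forwards:
        dst = parse(fwd, "dst", ipaddress.ip_address)
        if dst is not None and not dst.is_private:
            bad(fwd, f"dst {dst} is not a private address")
        check_port(fwd)
        key = (fwd.get("protocol"), fwd.get("port"))
        if key in seen:
            bad(fwd, f"same protocol/port as {seen[key]!r}")
        seen.setdefault(key, fwd.get("name"))
    return problems

# Constructed sample input (not from the role), containing deliberate mistakes.
SAMPLE = {
    "static_routes": [{"name": "r1", "destination": "192.168.100.1/24", "gateway": "192.168.1.1"}],
    "incoming_firewall_rules": [{"name": "f1", "source": "0.0.0.0/0", "protocol": "tcp", "port": 22}],
    "nat_port_forwards": [
        {"name": "n1", "dst": "192.168.1.10", "port": 443, "protocol": "tcp"},
        {"name": "n2", "dst": "192.168.1.20", "port": 443, "protocol": "tcp"},
        {"name": "n3", "dst": "8.8.8.8", "port": 70000, "protocol": "udp"}]}
```

Calling `check_router_vars(**SAMPLE)` returns one string per finding; the example values in this README produce an empty list.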