gitea-admin
/
hetzner-ansible
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

feat: removed admin ips from firewalls

Browse Source
feature/DEV-380
Sven Ketelsen 4 years ago
parent 0b18fc9bc2
commit 6297ad954e
1 changed files with 7 additions and 8 deletions
Show Stats Download Patch File Download Diff File

15
group_vars/all/firewall.yml
Unescape Escape View File

@ -8,28 +8,28 @@ hcloud_firewall_objects:
direction: in
protocol: icmp
port: ''
source_ips: '{{ ip_whitelist + ip_whitelist_admins }}'
source_ips: '{{ ip_whitelist }}'
destination_ips: []
description: ICMP allowed
-
direction: in
protocol: tcp
port: '22'
source_ips: '{{ ip_whitelist + ip_whitelist_admins }}'
source_ips: '{{ ip_whitelist }}'
destination_ips: []
description: SSH allowed
-
direction: in
protocol: tcp
port: '80'
source_ips: '{{ ip_whitelist + ip_whitelist_admins }}'
source_ips: '{{ ip_whitelist }}'
destination_ips: []
description: HTTP allowed
-
direction: in
protocol: tcp
port: '443'
source_ips: '{{ ip_whitelist + ip_whitelist_admins }}'
source_ips: '{{ ip_whitelist }}'
destination_ips: []
description: HTTPS allowed
-
@ -59,21 +59,21 @@ hcloud_firewall_objects:
direction: in
protocol: tcp
port: '9080-9085'
source_ips: '{{ ip_whitelist + ip_whitelist_admins }}'
source_ips: '{{ ip_whitelist }}'
destination_ips: []
description: 'Server/Service Monitoring'
-
direction: in
protocol: tcp
port: '9001'
source_ips: '{{ ip_whitelist + ip_whitelist_admins }}'
source_ips: '{{ ip_whitelist }}'
destination_ips: []
description: 'PgAdmin'
-
direction: in
protocol: tcp
port: '9187'
source_ips: '{{ ip_whitelist + ip_whitelist_admins }}'
source_ips: '{{ ip_whitelist }}'
destination_ips: []
description: 'Postgres-Exporter'
apply_to:
@ -236,7 +236,6 @@ hcloud_firewall_objects_kibana:
label_selector:
selector: 'service=kibana'
hcloud_firewall_objects_management:
-
name: "{{ stage }}-access-to-management"

Write Preview
Loading…
Cancel
Save