diff --git a/group_vars/all/firewall.yml b/group_vars/all/firewall.yml index 008e32d..b3cd629 100644 --- a/group_vars/all/firewall.yml +++ b/group_vars/all/firewall.yml @@ -8,28 +8,28 @@ hcloud_firewall_objects: direction: in protocol: icmp port: '' - source_ips: '{{ ip_whitelist + ip_whitelist_admins }}' + source_ips: '{{ ip_whitelist }}' destination_ips: [] description: ICMP allowed - direction: in protocol: tcp port: '22' - source_ips: '{{ ip_whitelist + ip_whitelist_admins }}' + source_ips: '{{ ip_whitelist }}' destination_ips: [] description: SSH allowed - direction: in protocol: tcp port: '80' - source_ips: '{{ ip_whitelist + ip_whitelist_admins }}' + source_ips: '{{ ip_whitelist }}' destination_ips: [] description: HTTP allowed - direction: in protocol: tcp port: '443' - source_ips: '{{ ip_whitelist + ip_whitelist_admins }}' + source_ips: '{{ ip_whitelist }}' destination_ips: [] description: HTTPS allowed - @@ -59,21 +59,21 @@ hcloud_firewall_objects: direction: in protocol: tcp port: '9080-9085' - source_ips: '{{ ip_whitelist + ip_whitelist_admins }}' + source_ips: '{{ ip_whitelist }}' destination_ips: [] description: 'Server/Service Monitoring' - direction: in protocol: tcp port: '9001' - source_ips: '{{ ip_whitelist + ip_whitelist_admins }}' + source_ips: '{{ ip_whitelist }}' destination_ips: [] description: 'PgAdmin' - direction: in protocol: tcp port: '9187' - source_ips: '{{ ip_whitelist + ip_whitelist_admins }}' + source_ips: '{{ ip_whitelist }}' destination_ips: [] description: 'Postgres-Exporter' apply_to: @@ -236,7 +236,6 @@ hcloud_firewall_objects_kibana: label_selector: selector: 'service=kibana' - hcloud_firewall_objects_management: - name: "{{ stage }}-access-to-management"