parent
d5b4aa8d81
commit
51e428be6d
@ -1,14 +1,14 @@
|
|||||||
# Ansible connection configuration
|
# Ansible connection configuration
|
||||||
# It is suggested that this file be encrypted with ansible-vault
|
# It is suggested that this file be encrypted with ansible-vault
|
||||||
ansible_port: 22
|
ansible_port: 26101
|
||||||
ansible_user: ssh_user
|
ansible_user: jebba
|
||||||
ansible_ssh_private_key_file: /path/to/pem
|
ansible_ssh_private_key_file: /home/jebba/.ssh/id_ed25519
|
||||||
|
|
||||||
# Uncomment to use SSH password instead of pem key
|
# Uncomment to use SSH password instead of pem key
|
||||||
# If you uncomment this, comment out the key_file line above
|
# If you uncomment this, comment out the key_file line above
|
||||||
#ansible_ssh_pass: mypassword
|
#ansible_ssh_pass: mypassword
|
||||||
|
|
||||||
# Domain variables required for the playbook
|
# Domain variables required for the playbook
|
||||||
var_domain: forksand.io
|
var_domain: forksand.com
|
||||||
var_mail_domain: mail.forksand.io
|
var_mail_domain: mx1.forksand.com
|
||||||
var_relay_domain: forksand.com
|
var_relay_domain: forksand.com
|
@ -1,3 +1,3 @@
|
|||||||
{{ domain }}
|
{{ domain }}
|
||||||
10.0.2.15/255.255.255.0
|
174.128.244.233
|
||||||
70.39.125.71
|
174.128.244.234
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
localhost
|
localhost
|
||||||
127.0.0.0/8
|
127.0.0.0/8
|
||||||
{{ domain }}
|
{{ domain }}
|
||||||
70.39.125.71
|
174.128.244.233
|
||||||
10.0.2.0/24
|
174.128.244.234
|
||||||
|
@ -1,26 +0,0 @@
|
|||||||
#!/bin/sh
|
|
||||||
# {{ ansible_managed }}
|
|
||||||
{% set merged = firewall_v6_default_rules.copy() %}
|
|
||||||
{% set _ = merged.update(firewall_v6_group_rules) %}
|
|
||||||
{% set _ = merged.update(firewall_v6_host_rules) %}
|
|
||||||
|
|
||||||
# flush rules & delete user-defined chains
|
|
||||||
ip6tables -F
|
|
||||||
ip6tables -X
|
|
||||||
ip6tables -t raw -F
|
|
||||||
ip6tables -t raw -X
|
|
||||||
ip6tables -t nat -F
|
|
||||||
ip6tables -t nat -X
|
|
||||||
ip6tables -t mangle -F
|
|
||||||
ip6tables -t mangle -X
|
|
||||||
|
|
||||||
{% for group, rules in merged|dictsort %}
|
|
||||||
# {{ group }}
|
|
||||||
{% if not rules %}
|
|
||||||
# (none)
|
|
||||||
{% endif %}
|
|
||||||
{% for rule in rules %}
|
|
||||||
ip6tables {{ rule }}
|
|
||||||
{% endfor %}
|
|
||||||
|
|
||||||
{% endfor %}
|
|
@ -1,3 +1,3 @@
|
|||||||
root: jebba
|
root: jebba
|
||||||
jebba: jebba-mail@{{ relay_domain }}
|
#jebba: jebba-mail@{{ relay_domain }}
|
||||||
nobody: /dev/null
|
nobody: /dev/null
|
Loading…
Reference in new issue