From 648f53da4747039cd00940b04bab68eada7cfdd6 Mon Sep 17 00:00:00 2001
From: Erin Sims
Date: Tue, 13 Sep 2022 17:48:55 -0400
Subject: [PATCH] working on firewalls and ports
---
 playbooks/create_droplet.yml | 34 +++++++++++++++++++++++++++++++---
 1 file changed, 31 insertions(+), 3 deletions(-)
diff --git a/playbooks/create_droplet.yml b/playbooks/create_droplet.yml
index 91e81b4..89b4ab5 100644
--- a/playbooks/create_droplet.yml
+++ b/playbooks/create_droplet.yml
@@ -43,9 +43,9 @@
 register: created_droplets_backend
 loop: "{{ range(1,count| int + 1) }}"
- - name: Create a Firewall named mpd-firewall
+ - name: Create a Firewall named mpdf-firewall
 community.digitalocean.digital_ocean_firewall:
- name: mpd-firewall
+ name: mpdf-firewall
 state: present
 inbound_rules:
 - protocol: "tcp"
@@ -74,7 +74,35 @@
 ports: "1-65535"
 destinations:
 addresses: ["0.0.0.0/0", "::/0"]
- tags: ["mpdf", "mpdb"]
+ tags: ["mpdf"]
+ - name: Create a Firewall named mpdb-firewall
+ community.digitalocean.digital_ocean_firewall:
+ name: mpdb-firewall
+ state: present
+ inbound_rules:
+ - protocol: "tcp"
+ ports: "22"
+ sources:
+ addresses: ["0.0.0.0/0", "::/0"]
+ - protocol: "tcp"
+ ports: "8888"
+ sources:
+ addresses: ["0.0.0.0/0", "::/0"]
+ outbound_rules:
+ - protocol: "tcp"
+ ports: "1-65535"
+ destinations:
+ addresses: ["0.0.0.0/0", "::/0"]
+ - protocol: "udp"
+ ports: "1-65535"
+ destinations:
+ addresses: ["0.0.0.0/0", "::/0"]
+ - protocol: "icmp"
+ ports: "1-65535"
+ destinations:
+ addresses: ["0.0.0.0/0", "::/0"]
+ tags: ["mpdb"]
+-
 - name: mpdb
 ansible.builtin.import_playbook: mpdb.yaml
 - name: mpdf
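Review bot: The inbound rules of the new `mpdb-firewall` accept TCP 22 and 8888 from `["0.0.0.0/0", "::/0"]`, which exposes SSH and the service on 8888 to the whole internet on every droplet tagged `mpdb`. Narrow the SSH rule to a management range, for example `addresses: "{{ admin_cidrs }}"` (a placeholder variable, not defined on this page), and if 8888 is only meant to be reached by the frontend droplets, replace its source with `tags: ["mpdf"]` so the rule follows the tag instead of an address list. The added line that holds only `-` just before `- name: mpdb` looks like a stray character and would introduce an empty list entry, though the indentation is lost here so that is worth checking against the file. The play that contains these tasks starts outside the hunk.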