Skip to content
/ ansible-ufw Public
forked from weareinteractive/ansible-ufw

Ansible role which installs and configures ufw

License

MIT license
0 stars 38 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

alexray92/ansible-ufw

BranchesTags
 
 

Repository files navigation

Ansible franklinkim.ufw role

Build Status Galaxy GitHub Tags GitHub Stars

franklinkim.ufw is an Ansible role which:

  • installs ufw
  • configures ufw
  • configures ufw rules
  • configures service

Installation

Using ansible-galaxy:

$ ansible-galaxy install franklinkim.ufw

Using requirements.yml:

- src: franklinkim.ufw

Using git:

$ git clone https://github.com/weareinteractive/ansible-ufw.git franklinkim.ufw

Dependencies

  • Ansible >= 1.9

Variables

Here is a list of all the default variables for this role, which are also available in defaults/main.yml.

---
# ufw_rules:
#   - { [port: ""] [rule: allow] [proto: any] [from_ip: any] [to_ip: any] }
# ufw_applications:
#   - { name: OpenSSH [rule: allow] }
#

# package name (version)
ufw_package: ufw
# list of rules
ufw_rules: [{ port: 22, rule: allow }]
# list of profiles located in /etc/ufw/applications.d
ufw_applications: []
# /etc/defaut/ufw settings
ufw_ipv6: "yes"
ufw_default_input_policy: DROP
ufw_default_output_policy: ACCEPT
ufw_default_forward_policy: DROP
ufw_default_application_policy: SKIP
# firewall state: enabled | disabled
ufw_state: enabled
ufw_logging: "off"
# always reset the firewall
ufw_reset: yes

Handlers

These are the handlers that are defined in handlers/main.yml.

---

- name: reload ufw
  command: ufw reload

Usage

This is an example playbook:

---

- hosts: all
  roles:
    - franklinkim.ufw
  vars:
    ufw_rules:
      - { port: 80, rule: allow }
      - { from_ip: '127.0.0.1/8' }
      - { from_ip: '127.0.42.0/24', rule: deny }
    ufw_default_forward_policy: ACCEPT
    ufw_logging: full
    ufw_applications:
     - { name: "OpenSSH" }

Testing

$ git clone https://github.com/weareinteractive/ansible-ufw.git
$ cd ansible-ufw
$ make test

Contributing

In lieu of a formal style guide, take care to maintain the existing coding style. Add unit tests and examples for any new or changed functionality.

  1. Fork it
  2. Create your feature branch (git checkout -b my-new-feature)
  3. Commit your changes (git commit -am 'Add some feature')
  4. Push to the branch (git push origin my-new-feature)
  5. Create new Pull Request

Note: To update the README.md file please install and run ansible-role:

$ gem install ansible-role
$ ansible-role docgen

License

Copyright (c) We Are Interactive under the MIT license.

About

Ansible role which installs and configures ufw

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

10 tags

Packages

No packages published