From 17674683e9af73274fbea070ab25b6b19bcc280f Mon Sep 17 00:00:00 2001 From: az Date: Wed, 8 May 2024 09:47:30 +0200 Subject: [PATCH] playbook.yml aktualisiert --- playbook.yml | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/playbook.yml b/playbook.yml index 6c80edd..e14826e 100644 --- a/playbook.yml +++ b/playbook.yml @@ -1,6 +1,8 @@ --- - name: ensure safe environment for exams hosts: localhost + vars: + - config_ufw: false # to verify ufw configuration run: # sudo ufw status verbose @@ -29,7 +31,7 @@ path: /etc/ufw/before.rules regexp: '(.*limit --limit*)' replace: '#\1' - + when: config_ufw - name: Allow all access to tcp port 123 ufw: rule: allow @@ -38,6 +40,7 @@ with_items: - in - out + when: config_ufw - name: Allow SSH-Access to some servers ufw: @@ -54,6 +57,7 @@ - { direction: 'out', destination: '10.16.1.1/32' } - { direction: 'in', destination: '162.55.5.40/32' } - { direction: 'out', destination: '162.55.5.40/32' } + when: config_ufw - name: Allow https-Access to some servers ufw: rule: allow @@ -69,6 +73,7 @@ - { direction: 'out', destination: '10.16.1.1/32' } - { direction: 'in', destination: '162.55.5.40/32' } - { direction: 'out', destination: '162.55.5.40/32' } + when: config_ufw - name: Allow DNS-Access to some servers ufw: @@ -81,11 +86,13 @@ - { direction: 'out', destination: '10.0.0.1/32' } - { direction: 'in', destination: '10.16.1.1/32' } - { direction: 'out', destination: '10.16.1.1/32' } + when: config_ufw - name: Allow dns ufw: rule={{ item.rule }} port={{ item.port }} with_items: - { rule: 'allow', port: '53'} + when: config_ufw - name: disable mounting of usb flash drives file:
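Review bot: The new play variable in the first hunk defaults to `config_ufw: false`, so a plain run of this playbook now skips every firewall task that the later hunks gate, and the exam host keeps whatever ufw state it already had. For a play named "ensure safe environment for exams" the safer default is `config_ufw: true`, with an explicit override only for hosts where the firewall must be left untouched. `vars:` is also written as a one-item list; the mapping form (`vars:` followed by an indented `config_ufw: true`) is the usual spelling. The play continues outside the hunk.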
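Review bot: `when: config_ufw` on the before.rules `replace` task, and the same line added in the hunks at new lines 40, 57, 73 and 86, tests the raw variable. When it is overridden on the command line as `-e config_ufw=false`, the value arrives as a string, and how a bare string condition is evaluated depends on the Ansible version; `when: config_ufw | bool` behaves the same for both sources. Six tasks each carry their own copy of the condition, and the tasks between lines 9 and 28 are outside this diff. If one of those enables ufw or sets the default policy, it would still run while the allow rules are skipped, so a single `block:` with one `when:` around all ufw tasks would rule that out. This hunk also appears to replace the blank separator line before `- name: Allow all access to tcp port 123`, which is worth restoring.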