playbook.yml aktualisiert

playbook.yml

@@ -2,7 +2,7 @@
 - name: ensure safe environment for exams
   hosts: localhost
   vars:
-    - config_ufw: false
+    - config_ufw: true
 
 # to verify ufw configuration run:
 # sudo ufw status verbose
@@ -61,6 +61,8 @@
       with_items:
         - { direction: 'in',  destination: '10.0.0.1/32' }
         - { direction: 'out', destination: '10.0.0.1/32' }
+        - { direction: 'in',  destination: '10.0.2.254/32' }
+        - { direction: 'out', destination: '10.0.2.243/32' }
         - { direction: 'in',  destination: '10.16.109.252/32' }
         - { direction: 'out', destination: '10.16.109.252/32' }
         - { direction: 'in',  destination: '10.16.1.1/32' }
@@ -79,6 +81,8 @@
       with_items:
         - { direction: 'in',  destination: '10.0.0.1/32' }
         - { direction: 'out', destination: '10.0.0.1/32' }
+        - { direction: 'in',  destination: '10.0.2.254/32' }
+        - { direction: 'out', destination: '10.0.2.243/32' }
         - { direction: 'in',  destination: '10.16.109.252/32' }
         - { direction: 'out', destination: '10.16.109.252/32' }
         - { direction: 'in',  destination: '10.16.1.1/32' }
@@ -88,6 +92,17 @@
       when: config_ufw
       environment:
         PATH: /sbin:{{ ansible_env.PATH }}      
+    - name: Allow apt-proxy-Access to some servers
+      ufw:
+        rule: allow
+        direction: '{{ item.direction }}'
+        dest: '{{ item.destination }}'
+        port: '3142'
+      with_items:
+        - { direction: 'in',  destination: '10.0.2.254/32' }
+        - { direction: 'out', destination: '10.0.2.243/32' }
+        - { direction: 'in',  destination: '10.16.1.3/32' }
+        - { direction: 'out', destination: '10.16.1.3/32' }
 
     - name: Allow DNS-Access to some servers
       ufw:
@@ -211,8 +226,7 @@
     - name: intall some prior installed packages
       apt: 
         name: 
-          - htop
+          - curl
-          - nmap
         state: latest
 
     - name: Enable ufw