playbook.yml aktualisiert

az 2024-05-08 12:21:19 +02:00
parent a8150120b2
commit 3d93485070
1 changed files with 17 additions and 3 deletions


@ -2,7 +2,7 @@
- name: ensure safe environment for exams - name: ensure safe environment for exams
hosts: localhost hosts: localhost
vars: vars:
- config_ufw: false - config_ufw: true
# to verify ufw configuration run: # to verify ufw configuration run:
# sudo ufw status verbose # sudo ufw status verbose
@ -61,6 +61,8 @@
with_items: with_items:
- { direction: 'in', destination: '10.0.0.1/32' } - { direction: 'in', destination: '10.0.0.1/32' }
- { direction: 'out', destination: '10.0.0.1/32' } - { direction: 'out', destination: '10.0.0.1/32' }
- { direction: 'in', destination: '10.0.2.254/32' }
- { direction: 'out', destination: '10.0.2.243/32' }
- { direction: 'in', destination: '10.16.109.252/32' } - { direction: 'in', destination: '10.16.109.252/32' }
- { direction: 'out', destination: '10.16.109.252/32' } - { direction: 'out', destination: '10.16.109.252/32' }
- { direction: 'in', destination: '10.16.1.1/32' } - { direction: 'in', destination: '10.16.1.1/32' }
@ -79,6 +81,8 @@
with_items: with_items:
- { direction: 'in', destination: '10.0.0.1/32' } - { direction: 'in', destination: '10.0.0.1/32' }
- { direction: 'out', destination: '10.0.0.1/32' } - { direction: 'out', destination: '10.0.0.1/32' }
- { direction: 'in', destination: '10.0.2.254/32' }
- { direction: 'out', destination: '10.0.2.243/32' }
- { direction: 'in', destination: '10.16.109.252/32' } - { direction: 'in', destination: '10.16.109.252/32' }
- { direction: 'out', destination: '10.16.109.252/32' } - { direction: 'out', destination: '10.16.109.252/32' }
- { direction: 'in', destination: '10.16.1.1/32' } - { direction: 'in', destination: '10.16.1.1/32' }
@ -88,6 +92,17 @@
when: config_ufw when: config_ufw
environment: environment:
PATH: /sbin:{{ ansible_env.PATH }} PATH: /sbin:{{ ansible_env.PATH }}
- name: Allow apt-proxy-Access to some servers
ufw:
rule: allow
direction: '{{ item.direction }}'
dest: '{{ item.destination }}'
port: '3142'
with_items:
- { direction: 'in', destination: '10.0.2.254/32' }
- { direction: 'out', destination: '10.0.2.243/32' }
- { direction: 'in', destination: '10.16.1.3/32' }
- { direction: 'out', destination: '10.16.1.3/32' }
- name: Allow DNS-Access to some servers - name: Allow DNS-Access to some servers
ufw: ufw:
@ -211,8 +226,7 @@
- name: intall some prior installed packages - name: intall some prior installed packages
apt: apt:
name: name:
- htop - curl
- nmap
state: latest state: latest
- name: Enable ufw - name: Enable ufw
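Review bot: The added pair `{ direction: 'in', destination: '10.0.2.254/32' }` / `{ direction: 'out', destination: '10.0.2.243/32' }` names two different hosts, while every other pair in these lists uses the same address for both directions; the mismatch is repeated in both existing `with_items` lists and in the new apt-proxy task. If one of the two addresses is a typo, the exam firewall permits traffic for a host that was never intended and still blocks the intended one, so confirm both and add a comment naming each host. The new `Allow apt-proxy-Access to some servers` task also has no `when: config_ufw` and no `environment:` PATH entry, unlike the task that ends just above it, so it would run even with the toggle set to false; adding `when: config_ufw` keeps it consistent. It sets no `proto` either, so port 3142 is presumably opened for TCP and UDP alike, and `proto: tcp` would narrow it if the proxy only speaks HTTP. The neighbouring tasks start and end outside the visible hunks.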