ufwis an ansible role which:
- installs ufw
- configures ufw
- configures ufw rules
- configures service
Using ansible-galaxy:
$ ansible-galaxy install franklinkim.ufw
Using requirements.yml:
- src: franklinkim.ufw
Using git:
$ git clone https://github.com/weareinteractive/ansible-ufw.git franklinkim.ufw
- Ansible 1.9
Here is a list of all the default variables for this role, which are also available in defaults/main.yml.
# ufw_rules:
# - { [port: ""] [rule: allow] [proto: any] [from_ip: any] [to_ip: any] }
# ufw_applications:
# - { name: OpenSSH [rule: allow] }
#
# package name (version)
ufw_package: ufw
# list of rules
ufw_rules: []
# list of profiles located in /etc/ufw/applications.d
ufw_applications: []
# /etc/defaut/ufw settings
ufw_ipv6: 'yes'
ufw_default_input_policy: DROP
ufw_default_output_policy: ACCEPT
ufw_default_forward_policy: DROP
ufw_default_application_policy: SKIP
# firewall state: enabled | disabled
ufw_state: enabled
ufw_logging: 'off'
- host: all
sudo: yes
roles:
- franklinkim.ufw
vars:
ufw_rules:
- { ip: '127.0.0.1/8' }
- { ip: '172.17.42.0/24', rule: deny }
- { port: 80, rule: allow }
ufw_default_forward_policy: ACCEPT
ufw_applications:
- { name: "OpenSSH" }
- { name: "IMAP", rule: deny }
$ git clone https://github.com/weareinteractive/ansible-ufw.git
$ cd ansible-ufw
$ vagrant up
In lieu of a formal styleguide, take care to maintain the existing coding style. Add unit tests and examples for any new or changed functionality.
- Fork it
- Create your feature branch (
git checkout -b my-new-feature) - Commit your changes (
git commit -am 'Add some feature') - Push to the branch (
git push origin my-new-feature) - Create new Pull Request
Copyright (c) We Are Interactive under the MIT license.