adelgado/ansible-role-signal_api
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

add handle of ufw

Browse source
This commit is contained in:
Antonio J. Delgado 2023-03-19 17:49:08 +02:00
parent a4eb685448
commit 110bf14848
2 changed files with 7 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
defaults/main.yml
View file

@ -4,3 +4,6 @@
signal_data_folder: /var/lib/signal_api signal_data_folder: /var/lib/signal_api
signal_api_port: 8080 signal_api_port: 8080
signal_container_image: bbernhard/signal-cli-rest-api signal_container_image: bbernhard/signal-cli-rest-api
handle_ufw: false
localnetworks:
- 192.168.1.0/24

5
tasks/configure.yml
View file

@ -24,11 +24,14 @@
register: container register: container
ignore_errors: true ignore_errors: true
- name: Ensure UFW allow traffic to exposed port - name: Ensure UFW allow traffic to exposed port from local network
ufw: ufw:
rule: allow rule: allow
route: true route: true
from_ip: "{{ item }}"
to_port: "{{ signal_api_port }}" to_port: "{{ signal_api_port }}"
when: handle_ufw
with: "{{ localnetworks }}"
- name: Generate service unit - name: Generate service unit
shell: podman generate systemd --new --name signal-api > /etc/systemd/system/podman_signal_api.service shell: podman generate systemd --new --name signal-api > /etc/systemd/system/podman_signal_api.service