Commit bb2bb27b authored by Imran Hussain's avatar Imran Hussain

Add ansible role to deploy the sucs firewall to gw

parent 6153b513
[defaults]
inventory = ./inventory/hosts
\ No newline at end of file
[servers-physical]
silver ansible_host=137.44.10.1
iridium
backup
gw
iridium remote_user=root
backup remote_user=root
gw remote_user=root
[servers-virtual]
games
paf
su-apiv2
vmnet
mirror
paf remote_user=root
su-apiv2 remote_user=root
vmnet remote_user=root
mirror remote_user=root
[servers:children]
servers-physical
......@@ -26,6 +26,6 @@ bromine
iodine
[other]
door
door remote_user=root
pi
#vanadium
\ No newline at end of file
- name: update firewall
command: /bin/bash /root/firewall-rules.sh
\ No newline at end of file
- name: make sure iptables and other packages are installed
package:
name: "{{ item }}"
state: installed
with_items:
- iptables
- conntrack
- iptstate
- name: enable ipv4 forwarding
sysctl:
name: net.ipv4.ip_forward
value: 1
sysctl_set: yes
state: present
reload: yes
- name: deploy firewall rules to the machine
template:
src: firewall-rules
dest: /root/firewall-rules.sh
mode: 0744
notify: update firewall
\ No newline at end of file
This diff is collapsed.
- hosts: gw
roles:
- common
- sucs-firewall
\ No newline at end of file
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment