status-im
/
infra-nimbus
mirror of https://github.com/status-im/infra-nimbus.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

mainnet: fix formatting of firewall rules 

Signed-off-by: Jakub Sokołowski <jakub@status.im>
This commit is contained in:
Jakub Sokołowski 2024-09-25 21:29:09 +02:00
parent dd218622e3
commit e52fb7a928
No known key found for this signature in database
GPG Key ID: FE65CD384D5BF7B4
3 changed files with 24 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
ansible/group_vars/nimbus.mainnet.yml
View File

@ -115,20 +115,19 @@ bootstrap__firewall_nftables: true
# Open Ports
open_ports_list:
nginx:
- { port: '443', comment: 'Nginx' }
- { port: '443', comment: 'Nginx' }
smart-metrics:
- { port: '{{ smart_metrics_listen_port }}', comment: 'SMART Metrics', ipset: 'metrics.hq', iifname: 'wg0' }
- { port: '{{ smart_metrics_listen_port }}', comment: 'SMART Metrics', ipset: 'metrics.hq', iifname: 'wg0' }
geth-node:
- { port: '{{ geth_port }}', comment: 'Go-Ethereum libp2p', protocol: 'tcp' }
- { port: '{{ geth_port }}', comment: 'Go-Ethereum discovery', protocol: 'udp' }
- { port: '{{ geth_expo_cont_port }}', comment: 'Go-Ethereum Exporter', ipset: 'metrics.hq', iifname: 'wg0' }
- { port: '{{ geth_authrpc_port }}', comment: 'Go-Ethereum AuthRPC', ipset: '{{ env }}.{{ stage }}', iifname: 'wg0' }
- { port: '{{ geth_rpc_port }}', comment: 'RPC for Portal Bridge', ipset: 'nimbus.fluffy', iifname: 'wg0' }
- { port: '{{ geth_port }}', comment: 'Go-Ethereum libp2p', protocol: 'tcp' }
- { port: '{{ geth_port }}', comment: 'Go-Ethereum discovery', protocol: 'udp' }
- { port: '{{ geth_expo_cont_port }}', comment: 'Go-Ethereum Exporter', ipset: 'metrics.hq', iifname: 'wg0' }
- { port: '{{ geth_authrpc_port }}', comment: 'Go-Ethereum AuthRPC', ipset: '{{ env }}.{{ stage }}', iifname: 'wg0' }
- { port: '{{ geth_rpc_port }}', comment: 'RPC for Portal Bridge', ipset: 'nimbus.fluffy', iifname: 'wg0' }
beacon-node:
- { port: '9000-9005', comment: 'Beacon Node libp2p', protocol: 'tcp' }
- { port: '9000-9005', comment: 'Beacon Node discovery', protocol: 'udp' }
- { port: '9200-9205', comment: 'Beacon Node Metrics', ipset: 'metrics.hq', iifname: 'wg0' }
- { port: '9300-9305', comment: 'Beacon Node REST API', ipset: '{{ env }}.{{ stage }}', iifname: 'wg0' }
- { port: '9000-9005', comment: 'Beacon Node libp2p', protocol: 'tcp' }
- { port: '9000-9005', comment: 'Beacon Node discovery', protocol: 'udp' }
- { port: '9200-9205', comment: 'Beacon Node Metrics', ipset: 'metrics.hq', iifname: 'wg0' }
- { port: '9300-9305', comment: 'Beacon Node REST API', ipset: '{{ env }}.{{ stage }}', iifname: 'wg0' }
# Fleet layout can be found in: ansible/vars/layout/mainnet.yml
# Fleet layout can be found in: ansible/vars/layout/mainnet.yml

12
ansible/host_vars/bootstrap-01.aws-eu-central-1a.nimbus.mainnet.yml
View File

@ -17,11 +17,11 @@ beacon_node_rest_port: 9300
# Open Ports
open_ports_list:
nginx:
- { port: '443', comment: 'Nginx' }
- { port: '443', comment: 'Nginx' }
smart-metrics:
- { port: '{{ smart_metrics_listen_port }}', comment: 'SMART Metrics', ipset: 'metrics.hq', iifname: 'wg0' }
- { port: '{{ smart_metrics_listen_port }}', comment: 'SMART Metrics', ipset: 'metrics.hq', iifname: 'wg0' }
beacon-node:
- { port: '{{ beacon_node_discovery_port }}', comment: 'Beacon Node libp2p', protocol: 'tcp' }
- { port: '{{ beacon_node_discovery_port }}', comment: 'Beacon Node discovery', protocol: 'udp' }
- { port: '{{ beacon_node_metrics_port }}', comment: 'Beacon Node Metrics', ipset: 'metrics.hq', iifname: 'wg0' }
- { port: '{{ beacon_node_rest_port }}', comment: 'Beacon Node REST API', ipset: '{{ env }}.{{ stage }}', iifname: 'wg0' }
- { port: '{{ beacon_node_discovery_port }}', comment: 'Beacon Node libp2p', protocol: 'tcp' }
- { port: '{{ beacon_node_discovery_port }}', comment: 'Beacon Node discovery', protocol: 'udp' }
- { port: '{{ beacon_node_metrics_port }}', comment: 'Beacon Node Metrics', ipset: 'metrics.hq', iifname: 'wg0' }
- { port: '{{ beacon_node_rest_port }}', comment: 'Beacon Node REST API', ipset: '{{ env }}.{{ stage }}', iifname: 'wg0' }

12
ansible/host_vars/bootstrap-02.aws-eu-central-1a.nimbus.mainnet.yml
View File

@ -17,11 +17,11 @@ beacon_node_rest_port: 9300
# Open Ports
open_ports_list:
nginx:
- { port: '443', comment: 'Nginx' }
- { port: '443', comment: 'Nginx' }
smart-metrics:
- { port: '{{ smart_metrics_listen_port }}', comment: 'SMART Metrics', ipset: 'metrics.hq', iifname: 'wg0' }
- { port: '{{ smart_metrics_listen_port }}', comment: 'SMART Metrics', ipset: 'metrics.hq', iifname: 'wg0' }
beacon-node:
- { port: '{{ beacon_node_discovery_port }}', comment: 'Beacon Node libp2p', protocol: 'tcp' }
- { port: '{{ beacon_node_discovery_port }}', comment: 'Beacon Node discovery', protocol: 'udp' }
- { port: '{{ beacon_node_metrics_port }}', comment: 'Beacon Node Metrics', ipset: 'metrics.hq', iifname: 'wg0' }
- { port: '{{ beacon_node_rest_port }}', comment: 'Beacon Node REST API', ipset: '{{ env }}.{{ stage }}', iifname: 'wg0' }
- { port: '{{ beacon_node_discovery_port }}', comment: 'Beacon Node libp2p', protocol: 'tcp' }
- { port: '{{ beacon_node_discovery_port }}', comment: 'Beacon Node discovery', protocol: 'udp' }
- { port: '{{ beacon_node_metrics_port }}', comment: 'Beacon Node Metrics', ipset: 'metrics.hq', iifname: 'wg0' }
- { port: '{{ beacon_node_rest_port }}', comment: 'Beacon Node REST API', ipset: '{{ env }}.{{ stage }}', iifname: 'wg0' }