add saving of tinc iptables rules

Signed-off-by: Jakub Sokołowski <jakub@status.im>
Jakub Sokołowski 2019-05-14 09:41:44 +02:00
parent 7e006f3189
commit edbc212af4
No known key found for this signature in database
GPG Key ID: 4EF064D0E6D63020
2 changed files with 9 additions and 0 deletions


@ -4,3 +4,6 @@
name: 'tinc@{{ tinc_network_name }}'
state: restarted
enabled: true
- name: Save iptables rules
shell: iptables-save > /etc/iptables/rules.v4
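Review bot: The `shell` line of the new handler redirects straight into `/etc/iptables/rules.v4`, so the shell truncates the persisted rules file before `iptables-save` has written anything; if the command fails or is interrupted, the file is left empty or partial, and whatever restores it at boot would presumably load an incomplete ruleset. Writing to a temporary file and renaming it keeps the previous rules on failure: `shell: iptables-save > /etc/iptables/rules.v4.tmp && mv /etc/iptables/rules.v4.tmp /etc/iptables/rules.v4`. The dump also contains every chain loaded at that moment, not only the tinc rules, so on hosts that run Docker (the firewall tasks mention it) the daemon's generated chains would be persisted as well. A comment such as `# persists the whole running IPv4 ruleset; IPv6 rules are not saved` would make that scope explicit.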


@ -7,6 +7,8 @@
chain: INPUT
jump: ACCEPT
in_interface: tun0
notify:
- Save iptables rules
- name: Enable VPN connections for Docker
tags: ['role::tinc', 'role::tinc:firewall']
@ -16,6 +18,8 @@
comment: VPN connections
in_interface: tun0
jump: ACCEPT
notify:
- Save iptables rules
- name: Enable various service ports
tags: ['role::tinc', 'role::tinc:firewall']
@ -29,3 +33,5 @@
with_items:
- { "port": 655, "cmt": "Tinc VPN TCP" }
- { "port": 655, "cmt": "Tinc VPN UDP", "prot": "udp" }
notify:
- Save iptables rules
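Review bot: The `notify: Save iptables rules` entries added to the three firewall tasks fire only when a task reports `changed`, so a host that already carries these rules from an earlier run never triggers the handler, and its rules stay unpersisted and are lost on reboot. The same gap opens if a later task in the play fails before handlers run. A follow-up task that runs the save once when the file is missing would close it, for example the handler's command with `args:` and `creates: /etc/iptables/rules.v4`, or a `- meta: flush_handlers` placed directly after the firewall tasks. The tasks begin outside the hunks, so this assumes they are ordinary idempotent rule insertions.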