---
# Enable connections from the Tinc VPN `tun0` interface
# Accept every packet that arrives on the Tinc `tun0` interface, on any
# protocol and port: each VPN peer can reach every service bound on this host.
# No `action` key is set, so the iptables module appends the rule; an earlier
# DROP or REJECT rule in INPUT would still match first.
# NOTE(review): if the peers are not all equally trusted, narrow this rule with
# `source`, `protocol` and `destination_port` -- confirm against the trust
# model of the mesh.
# NOTE(review): the iptables module only edits the rules in memory; confirm
# that rule persistence across reboots is handled elsewhere in the role.
- name: Enable VPN connections
  tags:
    - 'role::tinc'
    - 'role::tinc:firewall'
  iptables:
    chain: INPUT
    in_interface: tun0
    jump: ACCEPT
    comment: VPN connections
# Let traffic that enters through `tun0` reach Docker containers.
# `action: insert` places the rule at the head of DOCKER-USER, and ACCEPT is a
# terminating target, so rules further down that chain are never evaluated for
# packets coming from the VPN.
# NOTE(review): this is not limited by port or destination, so it presumably
# exposes every reachable container to every VPN peer -- confirm that this is
# intended, or restrict the rule with `destination`/`destination_port`.
# NOTE(review): DOCKER-USER is created by Docker; the task is expected to fail
# on hosts where the chain does not exist -- confirm ordering with the Docker
# role.
- name: Enable VPN connections for Docker
  tags:
    - 'role::tinc'
    - 'role::tinc:firewall'
  iptables:
    action: insert
    chain: DOCKER-USER
    in_interface: tun0
    jump: ACCEPT
    comment: VPN connections
# Open the Tinc daemon port (655) on both TCP and UDP.
# `source: '0.0.0.0/0'` admits any IPv4 address, so the port is reachable from
# the whole Internet and the daemon's own peer authentication is the only gate.
# Each item supplies `port` and `cmt`; `prot` is optional and the template
# falls back to "tcp" when it is absent.
# NOTE(review): where the set of peers is known, replace the open source range
# with their addresses.
# NOTE(review): the module manages IPv4 rules unless `ip_version` says
# otherwise -- confirm whether IPv6 filtering is handled elsewhere.
- name: Enable various service ports
  tags:
    - 'role::tinc'
    - 'role::tinc:firewall'
  iptables:
    chain: INPUT
    source: '0.0.0.0/0'
    protocol: '{{ item.prot | default("tcp") }}'
    destination_port: '{{ item.port }}'
    jump: ACCEPT
    comment: '{{ item.cmt }}'
  with_items:
    - port: 655
      cmt: 'Tinc VPN TCP'
    - port: 655
      cmt: 'Tinc VPN UDP'
      prot: 'udp'