WoodSmellParticle/ansible-infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

refactor(security): reworked firewall configuration and added support for DNS, HTTP and ICMP rules; added autoconf for resolv.conf to match FW rules

Browse source
This commit is contained in:
NaeiKinDus 2024-01-06 00:00:00 +00:00
parent 3a7440f570
commit da45c7c409
Signed by: WoodSmellParticle
GPG key ID: 8E52ADFF7CA8AE56
22 changed files with 169 additions and 48 deletions
Download patch file Download diff file Expand all files Collapse all files

8
inventory/host_vars/unobtainium/vars.yml
View file

@ -32,3 +32,11 @@ custom_security:
drop_privatenets: false
policy:
forward: accept
dns:
type: "udp"
udp:
dns4: "{{ vault_groups.network.internal.dns4 }}"
dns6: "{{ vault_groups.network.internal.dns6 }}"
network: "internal"
ip_dualstack: false