Refactor extract-fw-host-vars.py to improve quoted value handling and add fw_manage_config to generated YAML; create ipt-server.yml for a.mx.oopen.de with initial configuration
This commit is contained in:
@@ -0,0 +1,45 @@
|
||||
---
|
||||
# ipt-firewall configuration for a.mx.oopen.de
|
||||
# Generated by extract-fw-host-vars.py - review before committing!
|
||||
# Place in: host_vars/<hostname>/ipt_firewall.yml
|
||||
|
||||
fw_manage_config: true
|
||||
|
||||
# --- Network
|
||||
fw_ext_interfaces:
|
||||
- "eth0"
|
||||
fw_ext_ips_v4:
|
||||
- "95.217.204.247"
|
||||
fw_ext_ips_v6:
|
||||
- "2a01:4f9:4a:47e5::247"
|
||||
|
||||
# --- Munin
|
||||
munin_remote_ipv4: 37.27.121.227
|
||||
munin_remote_ipv6: "2a01:4f9:3070:2bda::227"
|
||||
|
||||
# --- HTTP
|
||||
fw_http_server_ips: $ext_1_ip
|
||||
|
||||
# --- Mail
|
||||
fw_smtpd_ips: $ext_1_ip
|
||||
fw_mail_server_ips: $ext_1_ip
|
||||
fw_mail_client_ips: $ext_1_ip
|
||||
fw_dovecot_auth_service: true
|
||||
|
||||
# - meet.oopen.de -> 159.69.74.155
|
||||
# - meet.akweb.de -> 148.251.14.136
|
||||
# - jo.oopen.de -> 94.16.115.62
|
||||
# -
|
||||
# - meet.akweb.de -> 2a01:4f8:201:7389::136
|
||||
# - meet.oopen.de -> 2a01:4f8:231:19a7::155
|
||||
fw_dovecot_auth_allowed_networks_v4: 159.69.74.155 148.251.14.136 94.16.115.62
|
||||
fw_dovecot_auth_allowed_networks_v6: "2a01:4f8:231:19a7::155 2a01:4f8:201:7389::136"
|
||||
|
||||
# --- Jitsi
|
||||
fw_jitsi_dovecot_auth: true
|
||||
|
||||
# --- Rsync
|
||||
fw_rsync_out_ips: $ext_1_ip
|
||||
|
||||
# --- Protection / limits
|
||||
fw_per_IP_connection_limit: 250
|
||||
Reference in New Issue
Block a user