Update migration guide: add step to freeze current firewall rules and create ipt-server.yml for a.ns.oopen.de with initial configuration

This commit is contained in:
2026-06-29 11:38:20 +02:00
parent ba5683864a
commit e74fca04a2
2 changed files with 59 additions and 28 deletions
+27
View File
@@ -0,0 +1,27 @@
---
# ipt-firewall configuration for a.ns.oopen.de
# Generated by extract-fw-host-vars.py - review before committing!
# Place in: host_vars/<hostname>/ipt_firewall.yml
fw_manage_config: true
# --- Network
fw_ext_interfaces:
- "eth0"
fw_ext_ips_v4:
- "195.201.179.131"
fw_ext_ips_v6:
- "2a01:4f8:231:19a7::131"
# --- Munin
munin_remote_ipv4: 37.27.121.227
munin_remote_ipv6: "2a01:4f9:3070:2bda::227"
# --- DNS
fw_dns_server_ips: $ext_ips
# --- VPN / WireGuard
fw_wireguard_server_ips: $ext_ips
# --- Block
fw_blocked_ips: 222.184.0.0/13 61.160.0.0/16 116.8.0.0/14