servers/roles/ceph/tasks/firewall.yml
Timotej Lazar 8be55c2bde ceph: set up firewall
Still need to drop the hardcoded allowed set.
2024-04-05 06:12:58 +02:00

21 lines
488 B
YAML

- name: Retrieve service list
  set_fact:
    services: '{{ query("netbox.netbox.nb_lookup", "clusters", raw_data=true, api_filter="name="+cluster) | map(attribute="custom_fields.services") | flatten }}'

- name: Install nftables
  package:
    name: nftables

- name: Configure nftables
  template:
    dest: /etc/nftables.conf
    src: nftables.conf.j2
    mode: 0644
  notify: reload nftables

- name: Enable nftables
  service:
    name: nftables
    enabled: true
    state: started