pycklets / resources / frecklet / ufw-incoming-allowed.frecklet
# User-facing documentation for this frecklet: short and long help text,
# reference links, and one usage example.
doc:
  short_help: ufw rule to allow incoming traffic
  # Per the help text below, ufw gets installed if missing but is never
  # enabled by this frecklet, so a rule added here is not enforced until ufw
  # is enabled separately. The lock-out warning concerns that enabling step:
  # an allow rule for your own management access should exist before then.
  help: |
    Configure ufw to allow incoming traffic that fits certain criteria.

    This frecklet will also install 'ufw' if it is not already present, but it won't enable it if it is not already.
    Make sure you have a rule to let you back in if you do that!
  # Link title -> URL. The second title is double-quoted because it begins
  # with a single quote.
  references:
    ufw ubuntu community help: https://help.ubuntu.com/community/UFW
    "'ufw' ansible module": https://docs.ansible.com/ansible/latest/modules/ufw_module.html
  # The example is a narrowly scoped rule: one source address, one protocol
  # and one destination port, labelled with a comment for later auditing.
  examples:
  - title: Allow access to udp port 514 from host 1.2.3.4 and include a comment
    vars:
      protocol: udp
      from_ip: 1.2.3.4
      to_port: 514
      comment: allow syslog
# Arguments accepted by the frecklet. Every argument is optional
# (required: false throughout); protocol, from_ip and to_ip default to `any`,
# while interface, from_port, to_port and comment have no default.
# NOTE(review): called with no arguments, the declared defaults describe
# "allow in, any protocol, from any, to any" with no port restriction.
# Presumably that yields a rule admitting all inbound traffic -- confirm, and
# consider making at least to_port or from_ip required.
args:
  # Restricts the rule to one network interface when set.
  interface:
    doc:
      short_help: The name of the interface.
    type: string
    required: false
  # Constrained to the values listed under `allowed`.
  # NOTE(review): in ufw, `ipv6` as a protocol presumably means IPv6
  # encapsulation (an IP protocol), not "apply the rule to IPv6 addresses" --
  # confirm against the ufw documentation.
  protocol:
    doc:
      short_help: The protocol.
    type: string
    allowed:
    - any
    - tcp
    - udp
    - ipv6
    - esp
    - ah
    default: any
    required: false
  # Free-form string; no address or CIDR validation is declared in this file.
  # The default `any` places no restriction on the traffic source.
  from_ip:
    doc:
      short_help: The source of the traffic to allow.
    type: string
    required: false
    default: any
  # Integer with no range constraint declared here (valid ports are 1-65535).
  from_port:
    doc:
      short_help: The source port of the traffic to allow.
    type: integer
    required: false
  # Free-form string; the default `any` matches every local address.
  to_ip:
    doc:
      short_help: Destination IP address.
    type: string
    required: false
    default: any
  # Integer with no default and no range constraint declared here. This is
  # the argument that normally narrows a rule to a single service.
  to_port:
    doc:
      short_help: The destination port of the traffic to allow.
    type: integer
    required: false
  # Free-text label passed through to the rule.
  comment:
    doc:
      short_help: A comment to the rule.
    type: string
    required: false

# Task list. The first entry references the `ufw-installed` frecklet (per the
# help text, ufw is installed if missing); the second calls the Ansible `ufw`
# module to add the rule.
frecklets:
- ufw-installed
- frecklet:
    name: ufw
    type: ansible-module
    # Declared task properties: needs elevated privileges, is idempotent, and
    # does not need internet access.
    properties:
      elevated: true
      idempotent: true
      internet: false
    # Descriptions rendered from the arguments. Text inside the `long` block
    # scalar is literal content, so whitespace and the placement of the
    # {%:: ... ::%} markers affect the rendered output.
    desc:
      short: configure ufw to allow certain incoming traffic
      long: |
        Add a rule to ufw that allows certain incoming traffic to {%:: if interface ::%}interface {{:: interface ::}}{%:: else ::%}all interfaces{%:: endif ::%}.

        The incoming traffic must match:

          {%:: if protocol ::%}protocol: {{:: protocol ::}}
          {%:: endif ::%}{%:: if from_ip ::%}from_ip: {{:: from_ip ::}}
          {%:: endif ::%}{%:: if to_ip ::%}to_ip: {{:: to_ip ::}}
          {%:: endif ::%}{%:: if from_port ::%}from_port: {{:: from_port ::}}
          {%:: endif ::%}{%:: if to_port ::%}to_port: {{:: to_port ::}}
          {%:: endif ::%}{%:: if comment ::%}comment: {{:: comment ::}}
          {%:: endif ::%}
  # Ansible task keyword: run the module with privilege escalation.
  task:
    become: true
  # Module parameters. `rule: allow` and `direction: in` are fixed, so this
  # frecklet can only create inbound allow rules; no `state` is passed, which
  # matches the help text's statement that ufw is not enabled here.
  # Templated values are single-quoted so each renders as a string scalar.
  # NOTE(review): how an omitted optional argument (interface, from_port,
  # to_port, comment) is rendered is not visible in this file -- confirm that
  # an unset value drops the parameter rather than passing an empty string,
  # and that the resulting rule is no wider than the caller intended.
  vars:
    rule: allow
    interface: '{{:: interface ::}}'
    direction: in
    proto: '{{:: protocol ::}}'
    from_ip: '{{:: from_ip ::}}'
    from_port: '{{:: from_port ::}}'
    to_ip: '{{:: to_ip ::}}'
    to_port: '{{:: to_port ::}}'
    comment: '{{:: comment ::}}'
# No additional metadata is set (empty mapping).
meta: {}