
Enable UFW after setting firewall rules

On fresh installs of Debian 7.6, the current order of steps will lock you
out of SSH. This will enable UFW after creating rules for http, https, ssh,
and DNS. Fix comes from @Debugreality in issue #303:

https://github.com/al3x/sovereign/issues/303
Anthony Perez-sanz 9 years ago
parent
commit
cdf9ed07bb
1 changed files with 5 additions and 2 deletions
roles/common/tasks/ufw.yml

@@ -5,8 +5,8 @@
5 5
 - name: Install ufw
6 6
   apt: pkg=ufw state=present
7 7
 
8
-- name: Deny everything and enable UFW
9
-  ufw: state=enabled policy=deny
8
+- name: Deny everything
9
+  ufw: policy=deny
10 10
 
11 11
 - name: Set firewall rule for DNS
12 12
   ufw: rule=allow port=domain
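
Review bot: The renamed task "Deny everything" with `ufw: policy=deny` does not state a direction, so the name promises more than the line shows. Consider setting the direction explicitly (for example `direction=incoming`) and naming the task to match, so a reader can tell which default policy is being changed. Now that `state=enabled` is gone from this task, its name should also make clear that it only sets the default policy and does not turn the firewall on.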
@@ -21,6 +21,9 @@
21 21
     - https
22 22
     - ssh
23 23
 
24
+- name: Enable UFW
25
+  ufw: state=enabled
26
+
24 27
 - name: Check config of ufw
25 28
   command: cat /etc/ufw/ufw.conf
26 29
   register: ufw_config
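
Review bot: The new "Enable UFW" task only avoids the lockout because it sits after the allow rules ending in `- ssh`, and nothing in the file records that ordering requirement. Add a short comment above `ufw: state=enabled` saying it must stay after the ssh allow rule, so a later reordering does not bring back the problem from issue #303. The allow list also uses the service name `ssh`, so a host whose sshd listens on a non-default port would still lose access when this task runs; worth a note in the comment or a variable for the port.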
