.
This commit is contained in:
Jonas Forsberg
@@ -1,3 +1,9 @@
|
||||
Configure wireguard service:
|
||||
firewalld.service:
|
||||
- name: wireguard
|
||||
- ports:
|
||||
- {{ pillar['wireguard']['port'] }}/udp
|
||||
|
||||
Configure firewalld for external interface:
|
||||
firewalld.present:
|
||||
- name: external
|
||||
@@ -10,6 +16,7 @@ Configure firewalld for external interface:
|
||||
- {{ pillar['network']['interface']['external'] }}
|
||||
- services:
|
||||
- ssh
|
||||
- wireguard
|
||||
|
||||
Configure firewalld for internal network:
|
||||
firewalld.present:
|
||||
@@ -20,6 +27,7 @@ Configure firewalld for internal network:
|
||||
- prune_sources: True
|
||||
- interfaces:
|
||||
- {{ pillar['network']['interface']['internal'] }}
|
||||
- {{ pillar['wireguard']['iface'] }}
|
||||
- sources:
|
||||
- {{ pillar['network']['netaddress'] }}/{{ pillar['network']['netmask'] }}
|
||||
- services:
|
||||
|
||||
Reference in New Issue
Block a user