add iptables task
Some checks failed
continuous-integration/drone/push Build is failing

This commit is contained in:
Robert Kaussow 2019-02-10 18:33:57 +01:00
parent 9a7b73eeb6
commit dab84a6db2
2 changed files with 9 additions and 3 deletions

View File

@ -5,13 +5,12 @@ cups_version: 2.2.10
cups_bind_url: cups_bind_url:
- localhost:631 - localhost:631
cups_listen_address: print.rknet.org cups_listen_address: print.example.org
cups_log_level: warn cups_log_level: warn
cups_server_admin: admin@example.com cups_server_admin: admin@example.com
cups_iptables_enabled: False
cups_tls_cert_path: "{{ cups_base_dir }}/tls/certs/mycert.pem"
cups_tls_key_path: "{{ cups_base_dir }}/tls/private/mykey.pem"
cups_tls_cert_source: mycert.pem cups_tls_cert_source: mycert.pem
cups_tls_key_source: mykey.pem cups_tls_key_source: mykey.pem

View File

@ -20,5 +20,12 @@
dest: "/etc/cups/cupsd.conf" dest: "/etc/cups/cupsd.conf"
mode: 0640 mode: 0640
notify: __cupsd_restart notify: __cupsd_restart
- name: Open ports in iptables
iptables_raw:
name: allow_cups
state: present
rules: '-A INPUT -m state --state NEW -p tcp --dport {{ cups_nginx_proxy_url | urlsplit("port") }} -j ACCEPT'
when: cups_iptables_enabled
become: True become: True
become_user: root become_user: root