remove iptables integration
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/push Build is passing
Details
This commit is contained in:
parent
f5b79903d3
commit
02826eafad
|
@ -85,13 +85,6 @@ matrix_db_password: secure
|
||||||
matrix_db_ssl_mode: disable
|
matrix_db_ssl_mode: disable
|
||||||
matrix_db_ssl_root_cert: /etc/pki/tls/certs/ca-bundle.trust.crt
|
matrix_db_ssl_root_cert: /etc/pki/tls/certs/ca-bundle.trust.crt
|
||||||
|
|
||||||
matrix_iptables_enabled: False
|
|
||||||
matrix_open_ports:
|
|
||||||
- name: allow_matrix_web
|
|
||||||
rules: |
|
|
||||||
-A INPUT -m state --state NEW -p tcp --dport {{ matrix_http_bind_port }} -j ACCEPT
|
|
||||||
state: present
|
|
||||||
|
|
||||||
matrix_url_preview_enabled: False
|
matrix_url_preview_enabled: False
|
||||||
|
|
||||||
# List of IP address CIDR ranges that the URL preview spider is denied
|
# List of IP address CIDR ranges that the URL preview spider is denied
|
||||||
|
|
|
@ -74,17 +74,5 @@
|
||||||
loop_control:
|
loop_control:
|
||||||
label: "{{ item.log }}"
|
label: "{{ item.log }}"
|
||||||
when: matrix_logrotate_enabled | bool
|
when: matrix_logrotate_enabled | bool
|
||||||
|
|
||||||
- name: Open ports in iptables
|
|
||||||
iptables_raw:
|
|
||||||
name: "{{ item.name }}"
|
|
||||||
rules: "{{ item.rules }}"
|
|
||||||
state: "{{ item.state | default('present') }}"
|
|
||||||
weight: "{{ item.weight | default(omit) }}"
|
|
||||||
table: "{{ item.table | default(omit) }}"
|
|
||||||
loop: "{{ matrix_open_ports }}"
|
|
||||||
loop_control:
|
|
||||||
label: "{{ item.name }}"
|
|
||||||
when: matrix_iptables_enabled | bool
|
|
||||||
become: True
|
become: True
|
||||||
become_user: root
|
become_user: root
|
||||||
|
|
Loading…
Reference in New Issue