add iptables rule

2017-07-15 17:39:52 +02:00 · 2017-07-15 17:39:52 +02:00 · 4d02357c78
parent 87c0ba81bb
commit 4d02357c78
2 changed files with 11 additions and 0 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -0,0 +1,4 @@
+---
+nginx_open_ports:
+  - 80
+  - 443
--- a/tasks/config.yml
+++ b/tasks/config.yml
@ -35,3 +35,10 @@
    - header.conf
  notify:
    - nginx_restart
+
+- name: Open ports in iptables
+  iptables_raw:
+    name: allow_nginx_ports
+    state: present
+    rules: '-A INPUT -p tcp -m multiport --dports {{ nginx_open_ports|join(",") }} -j ACCEPT'
+  tags: iptables