add iptables task
parent
2b5552a892
commit
ecb0f0e575
@ -13,6 +13,7 @@ postgres_log_filename: postgresql.log
|
||||
postgres_log_rotation_age: 1d
|
||||
postgres_log_rotation_size: 0
|
||||
|
||||
postgres_iptables_enabled: False
|
||||
postgres_connection_port: 5432
|
||||
postgres_connection_addresses:
|
||||
- localhost
|
||||
|
@ -22,6 +22,13 @@
|
||||
dest: "{{ __postgres_config_path }}/pg_hba.conf"
|
||||
mode: 0600
|
||||
notify: __postgres_restart
|
||||
|
||||
- name: Open ports in iptables
|
||||
iptables_raw:
|
||||
name: allow_postgres_port
|
||||
state: present
|
||||
rules: '-A INPUT -m state --state NEW -p tcp --dport {{ postgres_connection_port }} -j ACCEPT'
|
||||
when: postgres_iptables_enabled
|
||||
become: True
|
||||
become_user: root
|
||||
|
||||
|
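Review bot: The rule added in `Open ports in iptables` accepts new TCP connections to `{{ postgres_connection_port }}` from any source address, so once `postgres_iptables_enabled` is set the only access controls left in front of PostgreSQL are its listen addresses and pg_hba.conf. An optional source restriction would keep the firewall as a real layer, for example `rules: '-A INPUT -s {{ postgres_iptables_source }} -m conntrack --ctstate NEW -p tcp --dport {{ postgres_connection_port }} -j ACCEPT'`, where `postgres_iptables_source` is a suggested name for a new default and `-m conntrack --ctstate` replaces the deprecated `-m state --state` match. The condition is safer as `when: postgres_iptables_enabled | bool`, because a value passed as the string "False" through extra vars or an inventory file may otherwise not be evaluated as a boolean. The task also appears to cover IPv4 only, so a host reachable over IPv6 would need a matching rule; confirm against the `iptables_raw` module's options. The preceding pg_hba.conf task starts outside this hunk.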