ai-workspace-infra/gitops
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
136b205e01
gitops/playbooks
History
Haitao Pan 136b205e01 firewall role: add UFW mail server firewall configuration 
- Add comprehensive UFW firewall rules for mail server
- Opens essential ports: SSH (22), HTTPS (443), HTTP (80)
- Opens mail ports: SMTP (25), Submission (587), SMTPS (465), IMAPS (993)
- Blocks plaintext ports: POP3 (110), IMAP (143), POP3S (995)
- Allows LMTP (24) from private networks only
- Provides verification output with visual status display
- Default deny all incoming, allow all outgoing
- Security warnings included in output

Features:
- Idempotent UFW configuration
- Configurable via variables
- Clean visual output of all rules
- SSH added first to prevent lockout
- Documentation in defaults/main.yml

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-10 20:48:31 +08:00
..
deepflow/deepflow-agent-playbook feat: add deepflow agent playbook and deployment tools 2025-06-16 11:01:52 +08:00
playbooks/roles/docker/keycloak add playbooks & scripts 2025-05-23 21:19:18 +08:00
roles firewall role: add UFW mail server firewall configuration 2025-11-10 20:48:31 +08:00
apply-branch-protection.yml Organize branch protection playbook as GitHub role 2025-08-30 10:56:55 +08:00
common add playbooks & scripts 2025-05-23 21:19:18 +08:00
deploy_blackbox_exporters_vhosts.yml blackbox_exporters: add login/logout/register paths to vhosts 2025-10-03 18:44:08 +08:00
deploy_deepflow_agent add deepflow_agent role 2025-07-07 13:32:16 +08:00
deploy_exporters_vhosts.yml playbooks: update exporters vhosts and add monitor server 2025-09-29 12:54:09 +08:00
deploy_monitor_server.yml playbooks: update exporters vhosts and add monitor server 2025-09-29 12:54:09 +08:00
deploy_nginx_vhosts.yml add playbooks/deploy_nginx_vhosts.yml 2025-10-20 16:32:32 +08:00
deploy_nodejs_vhosts.yml Expose Node.js version in Ubuntu role messaging 2025-09-24 13:33:06 +08:00
deploy_openresty_vhosts.yml OpenResty: remove meta/main.yml 2025-09-19 20:54:28 +08:00
deploy_postgre_vhosts.yml feat: manage postgres apt keyring via common role 2025-09-24 13:17:43 +08:00
deploy_postgres_vhosts.yml Add PostgreSQL vhost role for Ubuntu 22.04+ 2025-09-19 21:42:02 +08:00
deploy_redis_vhosts.yml playbooks: add deploy_postgre_vhosts & deploy_redis_vhosts 2025-09-20 14:01:07 +08:00
deploy_tiny_monitor_server_vhost.yml Add Grafana and Prometheus vhost roles with playbook 2025-08-18 14:16:16 +08:00
deploy_vhosts_otel-collector.yml Refine otel collector configuration variables 2025-09-21 11:40:16 +08:00
deploy_xcontrol_server._vhosts.yml Add XControl server playbook and role 2025-09-19 22:12:48 +08:00
deploy-docker-harbor.yml add playbooks & scripts 2025-05-23 21:19:18 +08:00
deploy-docker-keycloak.yml add playbooks & scripts 2025-05-23 21:19:18 +08:00
gpu_k8s_init.yml Add GPU K8s reset playbook, rename init file, update inventory 2025-06-26 18:09:16 +08:00
gpu_k8s_reset.yml Add GPU K8s reset playbook, rename init file, update inventory 2025-06-26 18:09:16 +08:00
init_chaos_mesh add playbooks & scripts 2025-05-23 21:19:18 +08:00
init_chartmuseum add playbooks & scripts 2025-05-23 21:19:18 +08:00
init_deepflow add playbooks & scripts 2025-05-23 21:19:18 +08:00
init_flagger-loadtester add playbooks & scripts 2025-05-23 21:19:18 +08:00
init_gitlab add playbooks & scripts 2025-05-23 21:19:18 +08:00
init_grafana_alloy add playbooks & scripts 2025-05-23 21:19:18 +08:00
init_harbor_server add playbooks & scripts 2025-05-23 21:19:18 +08:00
init_jenkins add playbooks & scripts 2025-05-23 21:19:18 +08:00
init_k3s_cluster_agent add playbooks & scripts 2025-05-23 21:19:18 +08:00
init_k3s_cluster_server add playbooks & scripts 2025-05-23 21:19:18 +08:00
init_k3s_cluster_std add playbooks & scripts 2025-05-23 21:19:18 +08:00
init_k3s_cluster_with_argo_server add playbooks & scripts 2025-05-23 21:19:18 +08:00
init_observability-agent add playbooks & scripts 2025-05-23 21:19:18 +08:00
init_observability-server add playbooks & scripts 2025-05-23 21:19:18 +08:00
init_openldap add playbooks & scripts 2025-05-23 21:19:18 +08:00
init_splunk-otel-collector add playbooks & scripts 2025-05-23 21:19:18 +08:00
init_telegraf add playbooks & scripts 2025-05-23 21:19:18 +08:00
init_vault add playbooks & scripts 2025-05-23 21:19:18 +08:00
init_vpn_gateway.yml add playbooks & scripts 2025-05-23 21:19:18 +08:00
init-harbor-server add playbooks & scripts 2025-05-23 21:19:18 +08:00
inventory.ini playbooks: add inventory otel.svc.plus 2025-09-03 08:58:37 +08:00
keycloak_server add playbooks & scripts 2025-05-23 21:19:18 +08:00
pre_setup.sh add playbooks & scripts 2025-05-23 21:19:18 +08:00
renew_nodes_ssl_certs add playbooks & scripts 2025-05-23 21:19:18 +08:00
wireguard_ali_vpn_gw add playbooks & scripts 2025-05-23 21:19:18 +08:00
wireguard_client add playbooks & scripts 2025-05-23 21:19:18 +08:00
wireguard_gateway add playbooks & scripts 2025-05-23 21:19:18 +08:00