28 lines
478 B
YAML
28 lines
478 B
YAML
---
|
|
- name: Install
|
|
package:
|
|
name: firewalld
|
|
state: present
|
|
|
|
- name: Start and activate
|
|
service:
|
|
name: firewalld
|
|
state: started
|
|
enabled: yes
|
|
|
|
- name: Block all ports
|
|
firewalld:
|
|
zone: public
|
|
service: ssh
|
|
permanent: yes
|
|
state: enabled
|
|
|
|
- name: Add Tailscale interface to trusted zone
|
|
firewalld:
|
|
zone: trusted
|
|
interface: tailscale0
|
|
permanent: yes
|
|
state: enabled
|
|
|
|
- name: Reload firewalld
|
|
command: firewall-cmd --reload
|