diff options
| author | 2024-04-29 20:00:02 +0200 | |
|---|---|---|
| committer | 2024-04-29 20:01:27 +0200 | |
| commit | cd356d2f1a3ffad60aef36b20fe3233802104d27 (patch) | |
| tree | 23172dcf2cfac7f0d0556145477914fb5483b9ee | |
| parent | Use nftables for firewalling (diff) | |
Remove UFW and make ansible-lint happy
| -rw-r--r-- | ansible/.ansible-lint | 2 | ||||
| -rw-r--r-- | ansible/playbook.yml | 2 | ||||
| -rw-r--r-- | ansible/roles/nginx-ufw/README.md | 3 | ||||
| -rw-r--r-- | ansible/roles/nginx-ufw/meta/main.yml | 4 | ||||
| -rw-r--r-- | ansible/roles/nginx-ufw/tasks/main.yml | 7 | ||||
| -rw-r--r-- | ansible/roles/ufw/tasks/main.yml | 17 | 
6 files changed, 2 insertions, 33 deletions
| diff --git a/ansible/.ansible-lint b/ansible/.ansible-lint index 0fb53d0..d483e93 100644 --- a/ansible/.ansible-lint +++ b/ansible/.ansible-lint @@ -2,6 +2,8 @@  exclude_paths:    - .github  # Not ansible roles    - roles/certbot/vars/main/vault.yml +  # Submodules +  - roles/nftables  skip_list:    - fqcn-builtins    - meta-no-info diff --git a/ansible/playbook.yml b/ansible/playbook.yml index b316432..bd786fa 100644 --- a/ansible/playbook.yml +++ b/ansible/playbook.yml @@ -3,7 +3,6 @@    roles:      - common      - pydis-users -    - ufw  # can be removed      - nftables      - prometheus-node-exporter      - wireguard @@ -22,7 +21,6 @@      - certbot      - nginx      - nginx-geoip -    - nginx-ufw      - nginx-cloudflare-mtls  - name: Deploy our PostgreSQL database hosts diff --git a/ansible/roles/nginx-ufw/README.md b/ansible/roles/nginx-ufw/README.md deleted file mode 100644 index e657afb..0000000 --- a/ansible/roles/nginx-ufw/README.md +++ /dev/null @@ -1,3 +0,0 @@ -# Role "nginx-ufw" - -Allows NGINX HTTP and HTTPS traffic through the UFW firewall. diff --git a/ansible/roles/nginx-ufw/meta/main.yml b/ansible/roles/nginx-ufw/meta/main.yml deleted file mode 100644 index a6e9124..0000000 --- a/ansible/roles/nginx-ufw/meta/main.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -dependencies: -  - role: nginx -  - role: ufw diff --git a/ansible/roles/nginx-ufw/tasks/main.yml b/ansible/roles/nginx-ufw/tasks/main.yml deleted file mode 100644 index 3b52f14..0000000 --- a/ansible/roles/nginx-ufw/tasks/main.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -- name: Allow http(s) traffic through the firewall -  community.general.ufw: -    app: Nginx Full -    rule: allow -  tags: -    - role::nginx-ufw diff --git a/ansible/roles/ufw/tasks/main.yml b/ansible/roles/ufw/tasks/main.yml deleted file mode 100644 index e44d173..0000000 --- a/ansible/roles/ufw/tasks/main.yml +++ /dev/null @@ -1,17 +0,0 @@ -- name: Disable UFW  # noqa -  community.general.ufw: -    state: disabled -  tags: -    - role::ufw -  ignore_errors: true  # subsequent deploys - -- name: Uninstall UFW -  apt: -    name: ufw -    state: absent -    purge: true - -- name: Purge UFW files -  file: -    path: /etc/ufw -    state: absent | 
