authorGravatar Johannes Christ <[email protected]>2024-04-29 20:00:02 +0200
committerGravatar jchristgit <[email protected]>2024-04-29 20:01:27 +0200
commitcd356d2f1a3ffad60aef36b20fe3233802104d27 (patch)
tree23172dcf2cfac7f0d0556145477914fb5483b9ee
parentUse nftables for firewalling (diff)
Remove UFW and make ansible-lint happy
-rw-r--r--ansible/.ansible-lint2
-rw-r--r--ansible/playbook.yml2
-rw-r--r--ansible/roles/nginx-ufw/README.md3
-rw-r--r--ansible/roles/nginx-ufw/meta/main.yml4
-rw-r--r--ansible/roles/nginx-ufw/tasks/main.yml7
-rw-r--r--ansible/roles/ufw/tasks/main.yml17
6 files changed, 2 insertions, 33 deletions
diff --git a/ansible/.ansible-lint b/ansible/.ansible-lint
index 0fb53d0..d483e93 100644
--- a/ansible/.ansible-lint
+++ b/ansible/.ansible-lint
@@ -2,6 +2,8 @@
exclude_paths:
- .github # Not ansible roles
- roles/certbot/vars/main/vault.yml
+ # Submodules
+ - roles/nftables
skip_list:
- fqcn-builtins
- meta-no-info
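Review bot: The new `- roles/nftables` entry under `exclude_paths` takes the whole firewall role out of lint coverage, and the `# Submodules` comment does not say why that is acceptable. Going by the parent commit title, this role now carries the hosts' firewall configuration, so it is worth recording where it is checked instead. A comment such as `# Submodules: third-party role, linted and reviewed in its own repository` would do, if that is in fact the case. The file continues outside the hunk.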
diff --git a/ansible/playbook.yml b/ansible/playbook.yml
index b316432..bd786fa 100644
--- a/ansible/playbook.yml
+++ b/ansible/playbook.yml
@@ -3,7 +3,6 @@
roles:
- common
- pydis-users
- - ufw # can be removed
- nftables
- prometheus-node-exporter
- wireguard
@@ -22,7 +21,6 @@
- certbot
- nginx
- nginx-geoip
- - nginx-ufw
- nginx-cloudflare-mtls
- name: Deploy our PostgreSQL database hosts
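Review bot: With `nginx-ufw` gone from this role list, nothing visible in the play still opens HTTP/HTTPS for the NGINX hosts. The deleted task allowed `Nginx Full` through UFW, and this diff adds no nftables counterpart. Presumably the `nftables` role applied in the first play covers this through its variables, but that cannot be confirmed from the lines shown. A comment beside the list, for example `# 80/443 are opened by the nftables role`, would make the dependency explicit. The `ufw` entry removed in the hunk above raises a related point: a host that never ran that role would keep UFW installed alongside nftables. The play's definition starts outside the hunk.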
diff --git a/ansible/roles/nginx-ufw/README.md b/ansible/roles/nginx-ufw/README.md
deleted file mode 100644
index e657afb..0000000
--- a/ansible/roles/nginx-ufw/README.md
+++ /dev/null
@@ -1,3 +0,0 @@
-# Role "nginx-ufw"
-
-Allows NGINX HTTP and HTTPS traffic through the UFW firewall.
diff --git a/ansible/roles/nginx-ufw/meta/main.yml b/ansible/roles/nginx-ufw/meta/main.yml
deleted file mode 100644
index a6e9124..0000000
--- a/ansible/roles/nginx-ufw/meta/main.yml
+++ /dev/null
@@ -1,4 +0,0 @@
----
-dependencies:
- - role: nginx
- - role: ufw
diff --git a/ansible/roles/nginx-ufw/tasks/main.yml b/ansible/roles/nginx-ufw/tasks/main.yml
deleted file mode 100644
index 3b52f14..0000000
--- a/ansible/roles/nginx-ufw/tasks/main.yml
+++ /dev/null
@@ -1,7 +0,0 @@
----
-- name: Allow http(s) traffic through the firewall
- community.general.ufw:
- app: Nginx Full
- rule: allow
- tags:
- - role::nginx-ufw
diff --git a/ansible/roles/ufw/tasks/main.yml b/ansible/roles/ufw/tasks/main.yml
deleted file mode 100644
index e44d173..0000000
--- a/ansible/roles/ufw/tasks/main.yml
+++ /dev/null
@@ -1,17 +0,0 @@
-- name: Disable UFW # noqa
- community.general.ufw:
- state: disabled
- tags:
- - role::ufw
- ignore_errors: true # subsequent deploys
-
-- name: Uninstall UFW
- apt:
- name: ufw
- state: absent
- purge: true
-
-- name: Purge UFW files
- file:
- path: /etc/ufw
- state: absent