diff options
| author |  shtlrs <[email protected]> | 2024-08-19 15:07:30 +0100 |
|---|---|---|
| committer | shtlrs <[email protected]> | 2024-08-19 15:30:24 +0100 |
| commit | 7201c90cc7b2334d22db480487c83183e147834b (patch) | |
| tree | a4750929b0f2b9fb5d9e5f87f1782989c75fbdb6 /ansible/group_vars | |
| parent | Correct the actions of the weak and feeble (diff) | |
allow needed tcp and udp traffic for jitsi services
Diffstat (limited to 'ansible/group_vars')
| -rw-r--r-- | ansible/group_vars/all/nftables.yml | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/ansible/group_vars/all/nftables.yml b/ansible/group_vars/all/nftables.yml index 64d7976..2e8f61a 100644 --- a/ansible/group_vars/all/nftables.yml +++ b/ansible/group_vars/all/nftables.yml @@ -88,6 +88,20 @@ nftables_configuration: | iifname {{ ansible_default_ipv6.interface }} tcp dport @mail_accepted ct state new accept {% endif %} {% endif %} + + {% if "jitsi" in group_names %} + # Ports needed by Jitsi + define jitsi_tcp_ports = {5349} + define jitsi_udp_ports = {3478, 10000} + + iifname {{ ansible_default_ipv4.interface }} tcp dport $jitsi_tcp_ports ct state new accept + iifname {{ ansible_default_ipv4.interface }} udp dport $jitsi_udp_ports ct state new accept + {% if ansible_default_ipv6 is defined %} + iifname {{ ansible_default_ipv6.interface }} tcp dport $jitsi_tcp_ports ct state new accept + iifname {{ ansible_default_ipv6.interface }} udp dport $jitsi_udp_ports ct state new accept + {% endif %} + + {% endif %} } chain forward { |