Move all ansible files to their own folder

author: Chris Lovering <[email protected]> 2023-08-13 14:59:36 +0100
committer: Chris Lovering <[email protected]> 2023-08-13 15:54:03 +0100
commit: 431585b5256a0d08f4f3c33122465a88a93ddcb1 (patch)
tree: 4cc41cda81655332fa467e6c9c85d1ee9c35b90e /ansible/roles/nginx-ufw
parent: Serve static files from Turing (#116) (diff)
3 files changed, 14 insertions, 0 deletions
diff --git a/ansible/roles/nginx-ufw/README.md b/ansible/roles/nginx-ufw/README.md
new file mode 100644
index 0000000..e657afb
--- /dev/null
+++ b/ansible/roles/nginx-ufw/README.md
@@ -0,0 +1,3 @@
+# Role "nginx-ufw"
+
+Allows NGINX HTTP and HTTPS traffic through the UFW firewall.
diff --git a/ansible/roles/nginx-ufw/meta/main.yml b/ansible/roles/nginx-ufw/meta/main.yml
new file mode 100644
index 0000000..a6e9124
--- /dev/null
+++ b/ansible/roles/nginx-ufw/meta/main.yml
@@ -0,0 +1,4 @@
+---
+dependencies:
+  - role: nginx
+  - role: ufw
diff --git a/ansible/roles/nginx-ufw/tasks/main.yml b/ansible/roles/nginx-ufw/tasks/main.yml
new file mode 100644
index 0000000..3b52f14
--- /dev/null
+++ b/ansible/roles/nginx-ufw/tasks/main.yml
@@ -0,0 +1,7 @@
+---
+- name: Allow http(s) traffic through the firewall
+  community.general.ufw:
+    app: Nginx Full
+    rule: allow
+  tags:
+    - role::nginx-ufw
author	Chris Lovering <[email protected]>	2023-08-13 14:59:36 +0100
committer	Chris Lovering <[email protected]>	2023-08-13 15:54:03 +0100
commit	431585b5256a0d08f4f3c33122465a88a93ddcb1 (patch)
tree	4cc41cda81655332fa467e6c9c85d1ee9c35b90e /ansible/roles/nginx-ufw
parent	Serve static files from Turing (#116) (diff)