aboutsummaryrefslogtreecommitdiffstats
path: root/roles/nginx-ufw
diff options
context:
space:
mode:
authorGravatar Johannes Christ <[email protected]>2022-02-16 21:42:22 +0100
committerGravatar Johannes Christ <[email protected]>2022-02-20 16:37:46 +0100
commit01393ae1041335d3ebea78cb7ded1036bc277a29 (patch)
tree6bc04409197212412efc30eaa3709eea1e206f39 /roles/nginx-ufw
parentDelete projects_automation.yml (diff)
Add nginx deployment
Includes documented roles for: - installing nginx & configuring handlers - installing the mTLS certificate for Cloudflare - installing firewall rules They are kept separate for now, for composability. Closes #22.
Diffstat (limited to 'roles/nginx-ufw')
-rw-r--r--roles/nginx-ufw/README.md6
-rw-r--r--roles/nginx-ufw/meta/main.yml4
-rw-r--r--roles/nginx-ufw/tasks/main.yml8
3 files changed, 18 insertions, 0 deletions
diff --git a/roles/nginx-ufw/README.md b/roles/nginx-ufw/README.md
new file mode 100644
index 0000000..042fda8
--- /dev/null
+++ b/roles/nginx-ufw/README.md
@@ -0,0 +1,6 @@
+# Role "nginx-ufw"
+
+Allows NGINX HTTP and HTTPS traffic through the UFW firewall.
+
+
+<!-- vim: set textwidth=80 sw=2 ts=2: -->
diff --git a/roles/nginx-ufw/meta/main.yml b/roles/nginx-ufw/meta/main.yml
new file mode 100644
index 0000000..dac7049
--- /dev/null
+++ b/roles/nginx-ufw/meta/main.yml
@@ -0,0 +1,4 @@
+---
+dependencies:
+ - nginx
+ - ufw
diff --git a/roles/nginx-ufw/tasks/main.yml b/roles/nginx-ufw/tasks/main.yml
new file mode 100644
index 0000000..bea22aa
--- /dev/null
+++ b/roles/nginx-ufw/tasks/main.yml
@@ -0,0 +1,8 @@
+---
+- name: allow https traffic through the firewall
+ ufw:
+ app: WWW Secure
+ rule: allow
+ comment: nginx web server
+ tags:
+ - role::nginx-ufw
generated by cgit v1.2.3 (git 2.39.1) at 2025-10-22 04:10:29 +0000