| -rw-r--r-- | ansible/group_vars/all/nftables.yml | 14 | ||||
| -rw-r--r-- | ansible/inventory/hosts.yaml | 3 | 
2 files changed, 17 insertions, 0 deletions
| diff --git a/ansible/group_vars/all/nftables.yml b/ansible/group_vars/all/nftables.yml
index 64d7976..2e8f61a 100644
--- a/ansible/group_vars/all/nftables.yml
+++ b/ansible/group_vars/all/nftables.yml
@@ -88,6 +88,20 @@ nftables_configuration: |
       iifname {{ ansible_default_ipv6.interface }} tcp dport @mail_accepted ct state new accept
   {% endif %}
   {% endif %}
+
+  {% if "jitsi" in group_names %}
+      # Ports needed by Jitsi
+      define jitsi_tcp_ports = {5349}
+      define jitsi_udp_ports = {3478, 10000}
+
+      iifname {{ ansible_default_ipv4.interface }} tcp dport $jitsi_tcp_ports ct state new accept
+      iifname {{ ansible_default_ipv4.interface }} udp dport $jitsi_udp_ports ct state new accept
+  {% if ansible_default_ipv6 is defined %}
+      iifname {{ ansible_default_ipv6.interface }} tcp dport $jitsi_tcp_ports ct state new accept
+      iifname {{ ansible_default_ipv6.interface }} udp dport $jitsi_udp_ports ct state new accept
+  {% endif %}
+
+  {% endif %}
     }
     chain forward {
diff --git a/ansible/inventory/hosts.yaml b/ansible/inventory/hosts.yaml
index 4a2f24c..9768187 100644
--- a/ansible/inventory/hosts.yaml
+++ b/ansible/inventory/hosts.yaml
@@ -24,5 +24,8 @@ all:
     mail:
       hosts:
         lovelace:
+    jitsi:
+      hosts:
+        lovelace:
   vars:
     wireguard_port: 46850 | 
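Review bot: In the nftables.yml hunk the IPv6 guard `{% if ansible_default_ipv6 is defined %}` probably does not protect the two `ansible_default_ipv6.interface` rules: Ansible normally sets that fact to an empty dict on hosts without an IPv6 default route, so the test passes and the `.interface` lookup is what fails. Testing the attribute itself, `{% if ansible_default_ipv6.interface is defined %}`, would skip the rules cleanly; the IPv4 rules have no guard at all and the same applies to them. The comment `# Ports needed by Jitsi` could also say which service each port belongs to (5349/tcp and 3478/udp look like TURN/STUN, 10000/udp like videobridge media), since these rules accept new connections from any source and the TURN service behind them then has to enforce its own authentication. The enclosing chain and the `nftables_configuration` block scalar start outside the hunk.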
