kunsi/bundlewrap
1
0
Fork 0
Code Issues 2 Pull requests 1 Releases Activity

nodes/htz.ex42-1048908: add some iptables rules for unmanaged services
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit
Details

Browse source
This commit is contained in:
Franzi 2021-03-21 11:12:42 +01:00
parent 850d860d59
commit 626075ee94
Signed by: kunsi
GPG key ID: 12E3D2136B818350
1 changed files with 8 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
nodes/htz/ex42-1048908.py
View file

@ -122,6 +122,14 @@ nodes['htz.ex42-1048908'] = {
'oauth_secret_key': vault.decrypt('encrypt$gAAAAABfPnbfTISbldhS0WyxVKBHVVoOMcar7Kxmh1kkmiUGd-RzbbnNzzhEER_owjttPQcACPfGKZ6WklaSsXjLq8km4P6A9QmPbC06GmHbc91m0odCb1KiY7SZeUD35PiRiGSq50dz'),
'security_secret_key': vault.decrypt('encrypt$gAAAAABfPnc-R7pkDj4pQgHDb6pzlNYNJgiWdeBFsX7IsHSnCtNPbZxCdtSL8cHtQzVO1KbSxS7zCwssmgiR8Kj54Z-koD-FQbjpbKWoIPw8SsyeqBVlZhIeEzhw_1t7_7ZTvv1O8AePdNYel9JJb_TaAZ8Vx46ZfsEPy8zaaHrqOekHC6RAnB4='),
},
'iptables': {
# TODO move to bundles
'custom_rules': [
'iptables_both -A INPUT -p udp --dport 60000:61000 -j ACCEPT', # mosh
'iptables_both -A INPUT -p tcp --dport 9001 -j ACCEPT', # weechat
'iptables_both -A INPUT -p tcp --dport 113 -j ACCEPT', # oidentd
],
},
'letsencrypt': {
'concat_and_deploy': {
'kunsi-weechat': {