bundles/iptables: introduce, add to home.router
All checks were successful
bundlewrap/pipeline/head This commit looks good
All checks were successful
bundlewrap/pipeline/head This commit looks good
This commit is contained in:
parent
f355d1ec7b
commit
f65e216828
GPG key ID:
12E3D2136B818350
5 changed files with 166 additions and 0 deletions
|
|
@ -1,6 +1,7 @@
|
|||
nodes['home.router'] = {
|
||||
'hostname': '172.19.138.10',
|
||||
'bundles': {
|
||||
'iptables',
|
||||
'pppd',
|
||||
},
|
||||
'groups': set(),
|
||||
|
|
@ -24,6 +25,14 @@ nodes['home.router'] = {
|
|||
'backups': {
|
||||
'exclude_from_backups': True,
|
||||
},
|
||||
'iptables': {
|
||||
'custom_rules': [
|
||||
'iptables_both -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT',
|
||||
'iptables_both -A FORWARD -i enp1s0.23 -o enp1s0.42 -j REJECT',
|
||||
'iptables_both -A FORWARD -i enp1s0.23 -j ACCEPT',
|
||||
'iptables_both -A FORWARD -i enp1s0.42 -j ACCEPT',
|
||||
],
|
||||
},
|
||||
'pppd': {
|
||||
'username': vault.decrypt('encrypt$gAAAAABfruZ5AZbgJ3mfMLWqIMx8o4bBRMJsDPD1jElh-vWN_gnhiuZVjrQ1-7Y6zDXNkxXiyhx8rxc2enmvo26axd7EBI8FqknCptXAPruVtDZrBCis4TE='),
|
||||
'password': vault.decrypt('encrypt$gAAAAABfruaXEDkaFksFMU8g97ydWyJF8p2KcSDJJBlzaOLDsLL6oCDYjG1kMPVESOzqjn8ThtSht1uZDuMCstA-sATmLS-EWQ=='),
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue