forgejo.dev/infrastructure-as-code
2
1
Fork 0
Code Issues 15 Pull requests Releases Activity

Blocks some IPs

Browse source
This commit is contained in:
Maximilian Kratz 2024-04-21 11:04:29 +02:00
parent eac172ab6c
commit 6c8e1cc719
2 changed files with 28 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
inventory/group_vars/all.yml
View file

@ -40,3 +40,11 @@ forgejo_release: "1.21.11-1"
swap_size: "2048"
swap_file: "/swapfile"
#
# Blocked IPs
#
blocked_ips:
- 47.76.99.127
- 47.76.209.138

20
roles/firewall-block/tasks/main.yml
View file

@ -82,3 +82,23 @@
proto: tcp
insert: 5
route: true
#
# Block IPs from list
#
- name: Block IP (normal)
community.general.ufw:
rule: deny
insert: 1
route: true
src: '{{ item }}'
loop: "{{ blocked_ips }}"
- name: Block IP (fwd)
community.general.ufw:
rule: deny
insert: 1
route: false
src: '{{ item }}'
loop: "{{ blocked_ips }}"