slfhst/ansible
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Changement de zone pour pouvoir accéder à Pronote directement

Browse Source
This commit is contained in:
VC
2021-01-05 09:50:20 +01:00
parent 727b035068
commit 18f842ff04
3 changed files with 15 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
firewall.yml
View File

@@ -1,3 +1,5 @@
- hosts: all:!baybay-ponay.mateu.be:!machinbox.mateu.be:!muse-macbookair.lan
tasks: []
- hosts: router - hosts: router
roles: roles:
- firewall - firewall

1
production/hosts
View File

@@ -8,7 +8,6 @@ machinbox.mateu.be
claude.dmz.mateu.be claude.dmz.mateu.be
dimitri.dmz.mateu.be dimitri.dmz.mateu.be
edelgard.dmz.mateu.be edelgard.dmz.mateu.be
rhea.dmz.mateu.be
[borgbackup:children] [borgbackup:children]
borg_server borg_server

13
roles/firewall/templates/firewall.j2
View File

@@ -438,6 +438,15 @@ config zone
option masq '1' option masq '1'
option mtu_fix '1' option mtu_fix '1'
config zone
option name 'orig'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option network 'wan'
option masq '1'
option mtu_fix '1'
config forwarding config forwarding
option src 'lan' option src 'lan'
option dest 'wan' option dest 'wan'
@@ -446,6 +455,10 @@ config forwarding
option src 'lan' option src 'lan'
option dest 'dmz' option dest 'dmz'
config forwarding
option src 'lan'
option dest 'orig'
config include config include
option path '/etc/firewall.user' option path '/etc/firewall.user'