Browse code

TODO Strefa monitoring dla Firewalld powinna byc wazniejsza, niz pozostale

Lukasz P authored on13/02/2021 14:51:34
Showing1 changed files
... ...
@@ -26,6 +26,37 @@
26 26
     - {service_firewalld: cockpit, zone: home}
27 27
     - {service_firewalld: cockpit, zone: public}
28 28
 
29
+
30
+# ------------------------------------------------------
31
+# ---------------- Monitoring---------------------------
32
+# ------------------------------------------------------
33
+
34
+  - name: Open ports for NRPE.
35
+    include_tasks: helpers/firewall_open.yaml
36
+    loop:
37
+    - {port_firewalld: 5666/tcp, zone: home, port_ufw: 5666, source: 192.168.111.19, proto: tcp, comment: nrpe}
38
+
39
+  - name: Delete rules, which are blocking access to NRPE.
40
+    include_tasks: helpers/firewall_delete_deny.yaml
41
+    loop:
42
+    - {port_firewalld: 5666/tcp, zone: home, port_ufw: 5666, source: 192.168.111.19, proto: tcp, comment: nrpe}
43
+
44
+  - name: Open ports for MariaDB.
45
+    include_tasks: helpers/firewall_open.yaml
46
+    loop:
47
+    - {port_firewalld: 3306/tcp, zone: home, port_ufw: 3306, source: 192.168.111.19, proto: tcp, comment: Monitoring MariaDB}
48
+    when: "'mariadb' in group_names"
49
+
50
+  - name: Delete rules, which are blocking access to MariaDB.
51
+    include_tasks: helpers/firewall_delete_deny.yaml
52
+    loop:
53
+    - {port_firewalld: 3306/tcp, zone: home, port_ufw: 3306, source: 192.168.111.19, proto: tcp, comment: Monitoring MariaDB}
54
+    when: "'mariadb' in group_names"
55
+
56
+# ------------------------------------------------------
57
+# ---------------- Samba -------------------------------
58
+# ------------------------------------------------------
59
+
29 60
 # ------------------------------------------------------
30 61
 # ---------------- Samba -------------------------------
31 62
 # ------------------------------------------------------