From e673abb764fc45495d396c56708613e15d271153 Mon Sep 17 00:00:00 2001
From: LinuxSquare
Date: Mon, 2 Dec 2024 20:26:01 +0100
Subject: [PATCH] add gaming network configs
---
 network/firewall.ansible.yml | 8 --------
 network/init.ansible.yml | 2 ++
 .../files/firewall_pterodactyl-rules.j2 | 2 ++
 network/modes/gaming.ansible.yml | 14 ++++++++++++++
 system/base.ansible.yml | 1 +
 5 files changed, 19 insertions(+), 8 deletions(-)
 rename network/{ => modes}/files/firewall_pterodactyl-rules.j2 (73%)
 create mode 100644 network/modes/gaming.ansible.yml
diff --git a/network/firewall.ansible.yml b/network/firewall.ansible.yml
index dd429a5..15ad7fe 100644
--- a/network/firewall.ansible.yml
+++ b/network/firewall.ansible.yml
@@ -21,14 +21,6 @@
 mode: '0600'
 vars:
 ALLOWED_PORTS: [80, 443]
- - name: Additional pterodactyl rules
- template:
- src: files/firewall_pterodactyl-rules.j2
- dest: /etc/nftables.d/pterodactyl.nft
- owner: root
- group: root
- mode: '0600'
- when: installation_type == 'gaming'
 - name: Enable nftables service
 service:
 name: nftables
diff --git a/network/init.ansible.yml b/network/init.ansible.yml
index 86a6112..ae198bb 100644
--- a/network/init.ansible.yml
+++ b/network/init.ansible.yml
@@ -1,4 +1,6 @@
 - import_playbook: firewall.ansible.yml
+- import_playbook: modes/gaming.ansible.yml
+ when: installation_type == 'gaming'
 - hosts: localhost
 tasks:
diff --git a/network/files/firewall_pterodactyl-rules.j2 b/network/modes/files/firewall_pterodactyl-rules.j2
similarity index 73%
rename from network/files/firewall_pterodactyl-rules.j2
rename to network/modes/files/firewall_pterodactyl-rules.j2
index 023f173..4200acf 100644
--- a/network/files/firewall_pterodactyl-rules.j2
+++ b/network/modes/files/firewall_pterodactyl-rules.j2
@@ -5,6 +5,8 @@ table inet filter {
 chain input {
 iifname eth0 tcp dport 8080 accept \
 comment "Accept local connection to wings"
+ iifname eth0 tcp dport 3306 accept \
+ comment "Accept local conntection to mariadb"
 }
 }
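Review bot: In firewall_pterodactyl-rules.j2 the added rule `iifname eth0 tcp dport 3306 accept` matches only on interface and port, so MariaDB is accepted from any source that can reach eth0, although its comment calls this a local connection. If only the panel host or a private subnet needs the database, restrict the source, for example `iifname eth0 ip saddr {{ MARIADB_ALLOWED_SADDR }} tcp dport 3306 accept \` (a new template variable; the name is only a suggestion), passed in the same way firewall.ansible.yml passes `ALLOWED_PORTS`. The comment string also has a typo: `conntection` should read `connection`. The existing 8080 rule for wings has the same unrestricted shape, and the rest of the template lies outside the hunk.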
diff --git a/network/modes/gaming.ansible.yml b/network/modes/gaming.ansible.yml
new file mode 100644
index 0000000..24d162c
--- /dev/null
+++ b/network/modes/gaming.ansible.yml
@@ -0,0 +1,14 @@
+- hosts: localhost
+ tasks:
+ - name: Install iptables for docker compatibility
+ package:
+ name:
+ - iptables
+ state: present
+ - name: Deploy pterodactyl nft rules
+ template:
+ src: files/firewall_pterodactyl-rules.j2
+ dest: /etc/nftables.d/pterodactyl.nft
+ owner: root
+ group: root
+ mode: '0600'
diff --git a/system/base.ansible.yml b/system/base.ansible.yml
index d4161b9..8ac6201 100644
--- a/system/base.ansible.yml
+++ b/system/base.ansible.yml
@@ -18,6 +18,7 @@
 - curl
 - rsync
 - screen
+ - iproute2-ss
 - name: Systemupdate script
 template:
 src: files/base_systemupdate
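Review bot: In network/modes/gaming.ansible.yml the `Deploy pterodactyl nft rules` task writes /etc/nftables.d/pterodactyl.nft, but nothing in the play reloads nftables afterwards. Before this commit the same template task sat ahead of `Enable nftables service` in firewall.ansible.yml; init.ansible.yml now imports this play after firewall.ansible.yml, so the service is presumably already running and the wings/mariadb rules would only take effect at the next reload or reboot. A `notify` on the template task plus a reload handler in the play would close that gap (use `state: restarted` if the init script has no reload action). Separately, Docker publishes container ports through its own iptables chains, so it is worth confirming that the nftables input chain is not the only control relied on for game-server ports.

```yaml
      # … unchanged: template arguments of "Deploy pterodactyl nft rules" …
      notify: Reload nftables
  handlers:
    - name: Reload nftables
      service:
        name: nftables
        state: reloaded
```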