From ba0bf02d9eb3d39280c8a90efad603bc0c1f6694 Mon Sep 17 00:00:00 2001
From: jo
Date: Wed, 20 Dec 2023 14:52:38 +0100
Subject: [PATCH] docs: add firewall resource example playbook
---
examples/server-with-firewall.yml | 62 +++++++++++++++++++++++++++++++
1 file changed, 62 insertions(+)
create mode 100644 examples/server-with-firewall.yml
diff --git a/examples/server-with-firewall.yml b/examples/server-with-firewall.yml
new file mode 100644
index 00000000..0e570967
--- /dev/null
+++ b/examples/server-with-firewall.yml
@@ -0,0 +1,62 @@
+---
+- name: Demonstrate creating servers with a firewall
+ hosts: localhost
+ connection: local
+
+ vars:
+ servers:
+ - name: my-server1
+ - name: my-server2
+
+ tasks:
+ - name: Create firewall
+ hetzner.hcloud.firewall:
+ name: my-firewall
+ rules:
+ - description: allow icmp from everywhere
+ direction: in
+ protocol: icmp
+ source_ips:
+ - 0.0.0.0/0
+ - ::/0
+ - description: allow ssh from everywhere
+ direction: in
+ protocol: tcp
+ port: 22
+ source_ips:
+ - 0.0.0.0/0
+ - ::/0
+ state: present
+
+ - name: Create servers
+ hetzner.hcloud.server:
+ name: "{{ item.name }}"
+ server_type: cx11
+ image: debian-12
+ labels:
+ kind: runners
+ state: started
+ loop: "{{ servers }}"
+
+ - name: Apply firewall to resources using label selectors
+ hetzner.hcloud.firewall_resource:
+ firewall: my-firewall
+ label_selectors: [kind=runners]
+ state: present
+
+ - name: Apply firewall to individual servers
+ hetzner.hcloud.firewall_resource:
+ firewall: my-firewall
+ servers: "{{ servers | map(attribute='name') }}"
+ state: present
+
+ - name: Delete firewall
+ hetzner.hcloud.firewall:
+ name: my-firewall
+ state: absent
+
+ - name: Delete servers
+ hetzner.hcloud.server:
+ name: "{{ item.name }}"
+ state: absent
+ loop: "{{ servers }}"
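Review bot: The `allow ssh from everywhere` rule opens port 22 to `0.0.0.0/0` and `::/0`, and example playbooks tend to be copied as they are; a comment above that rule such as `# Example only: restrict source_ips to your management network in real deployments` would make the intent clear. The `Create servers` task also starts the servers before either `firewall_resource` task runs, so they are reachable without the firewall for a short window; moving the label-selector task ahead of `Create servers` should close it, since the servers are created with the `kind: runners` label (worth confirming against the module's behaviour). Separately, `Delete firewall` runs while the firewall is still applied to the servers, which may fail because the firewall is in use; deleting the servers first looks safer.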