Skip to content

Commit

Permalink
Merge pull request #1305 from mira-miracoli/fix-influx-firewall
Browse files Browse the repository at this point in the history 
InfluxDB enable FirewallD and set rules
  • Loading branch information
@mira-miracoli
mira-miracoli authored Sep 5, 2024
2 parents efadcb9 + 3267275 commit 513e9cc
Show file tree
Hide file tree
Showing 2 changed files with 12 additions and 5 deletions.
10 changes: 10 additions & 0 deletions group_vars/influxdb.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -81,3 +81,13 @@ nginx_remove_default_vhost: true
nginx_ssl_role: usegalaxy-eu.certbot
nginx_conf_ssl_certificate: /etc/ssl/certs/fullchain.pem
nginx_conf_ssl_certificate_key: /etc/ssl/user/privkey-nginx.pem

firewall_public_services:
- http
- https
- d-s-n # name for port 8086
firewall_internal_services:
- http
- https
- ssh
- d-s-n
7 changes: 2 additions & 5 deletions influxdb.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,15 +18,12 @@
persistent: true
loop:
- httpd_can_network_connect
- name: Disable firewalld service
ansible.builtin.service:
name: firewalld
enabled: false
state: stopped
collections:
- devsec.hardening
roles:
## Starting configuration of the operating system
- role: usegalaxy_eu.fw_glxeu_generic
become: true
- role: usegalaxy_eu.handy.os_setup
vars:
enable_hostname: true
Expand Down

0 comments on commit 513e9cc

Please sign in to comment.