Created
July 5, 2018 09:45
-
-
Save makentenza/3059b5b7d46851707b0df6aceebf567a to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| - name: Firewall rules for Prometheus | |
| hosts: nodes | |
| tasks: | |
| - name: Ensure IPtables rule exists | |
| lineinfile: | |
| dest: /etc/sysconfig/iptables | |
| state: present | |
| line: "{{ item }}" | |
| insertbefore: '^COMMIT' | |
| backup: yes | |
| with_items: | |
| - '-A OS_FIREWALL_ALLOW -p tcp -m state --state NEW -m tcp --dport 9100 -j ACCEPT' | |
| - '-A OS_FIREWALL_ALLOW -p tcp -m state --state NEW -m tcp --dport 1936 -j ACCEPT' | |
| - '-A OS_FIREWALL_ALLOW -p tcp -m state --state NEW -m tcp --dport 8443 -j ACCEPT' | |
| - name: Ensure IPtables is restarted | |
| systemd: | |
| state: restarted | |
| name: iptables |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment