Skip to content

ipunkt/docker-ansible-ufw

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits
root
root
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

docker-ansible-ufw

Docker image using ansible to allow ufw access on certain servers for the running machine

Use case

In a cloud environment you have throw away hosts(also called droplets). To run stateful apps on them they need access to a permanent network storage, most likely nfs.

To allow access from the droplet to the storage server it has to register with the storage server, allowing traffic from the droplets ip to the necessary ports

Concept

The sotrage server has a management user which has passwordless sudo to the ufw command. TODO: subset of the ufw command necessary for adding ports.
The container receives the ssh key necessary to log into the storage server via ssh and uses ansible to enable the given ports in ufw. Important: Networking mode has to be host for ansible to use the correct droplet Ip

Environment

  • HOSTS: comma separated list of ports. Defaults to 111
  • PORTS: comma separated list of ports. Defaults to 111
  • UFW_USER: string. Required
  • UFW_PASSWORD: string. sudo password. Required
  • UFW_PRIVATE_KEY: string. Private Key. Required

About

Docker image using ansible to allow ufw access on certain servers for the running machine

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

3 watching

Forks

0 forks
Report repository

Releases

2 tags

Packages

No packages published

Languages