https://github.com/ipunkt/docker-ansible-ufw
Docker image using ansible to allow ufw access on certain servers for the running machine
Last synced: 5 months ago
- Host: GitHub
- URL: https://github.com/ipunkt/docker-ansible-ufw
- Owner: ipunkt
- License: mit
- Created: 2018-06-05T23:21:04.000Z (about 8 years ago)
- Default Branch: master
- Last Pushed: 2020-07-31T08:22:15.000Z (almost 6 years ago)
- Last Synced: 2025-02-07T05:27:47.098Z (over 1 year ago)
- Language: Dockerfile
- Size: 9.77 KB
- Stars: 0
- Watchers: 4
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# docker-ansible-ufw
Docker image using ansible to allow ufw access on certain servers for the
running machine
## Use case
In a cloud environment you have throwaway hosts (also called droplets). To run
stateful apps on them they need access to permanent network storage, most
likely NFS.
To allow access from the droplet to the storage server, the droplet has to register
with the storage server, allowing traffic from the droplet's IP to the necessary ports.
## Concept
The storage server has a management user which has passwordless sudo to the ufw
command. TODO: subset of the ufw command necessary for adding ports.
The container receives the ssh key necessary to log into the storage server via
ssh and uses ansible to enable the given ports in ufw. Important: Networking
mode has to be `host` for ansible to use the correct droplet IP.
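One way to address the TODO above is to give the management user sudo rights to a validating wrapper instead of to `ufw` itself. The following is an added example, not code from this repository; the wrapper name, its `--apply` switch and the function names are assumptions.

```shell
#!/bin/sh
# Added example, not from docker-ansible-ufw. Hypothetical wrapper
# (e.g. /usr/local/sbin/ufw-allow-client) for the management user's sudo rule.

# True only for a dotted-quad IPv4 address: four octets, 0-255, no leading zeros.
valid_ipv4() {
    case "$1" in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in 0?*|????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    # 0.x.x.x is never a real client address.
    [ "$1" -ne 0 ]
}

# True only for a decimal port number in 1-65535.
valid_port() {
    case "$1" in ''|*[!0-9]*|0*|??????*) return 1 ;; esac
    [ "$1" -le 65535 ]
}

# allow_client MODE IP PORTS: validate everything first, then print (MODE=print)
# or run (MODE=apply) one "ufw allow" rule per port. PORTS is comma-separated.
allow_client() {
    mode=$1 client_ip=$2 ports=$3
    valid_ipv4 "$client_ip" || { echo "rejected client IP" >&2; return 1; }
    # Digits and single commas only, so the unquoted split below cannot glob.
    case "$ports" in ''|*[!0-9,]*|,*|*,|*,,*) echo "rejected port list" >&2; return 1 ;; esac
    old_ifs=$IFS; IFS=,; set -- $ports; IFS=$old_ifs
    for port in "$@"; do
        valid_port "$port" || { echo "rejected port $port" >&2; return 1; }
    done
    for port in "$@"; do
        if [ "$mode" = apply ]; then
            ufw allow from "$client_ip" to any port "$port" || return 1
        else
            echo "ufw allow from $client_ip to any port $port"
        fi
    done
}

# Command-line entry point: ufw-allow-client --apply <client-ip> <ports>
if [ "${1:-}" = "--apply" ] && [ "$#" -eq 3 ]; then
    allow_client apply "$2" "$3"
fi
```

With a wrapper like this, the sudoers entry for the management user can name only the wrapper, so a leaked SSH key can add allow rules for the given ports but cannot disable the firewall or delete rules.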
## Environment
- `HOSTS`: comma-separated list of ports. Defaults to 111
- `PORTS`: comma-separated list of ports. Defaults to 111
- `UFW_USER`: string. Required
- `UFW_PASSWORD`: string. sudo password. Required
- `UFW_PRIVATE_KEY`: string. Private Key. Required