Open firewall for rabbitmq in RDU3

Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
Aurélien Bompard
2025-06-24 18:18:20 +02:00
parent b697488d03
commit 0ca9152d61


@@ -4,6 +4,8 @@ custom_rules: [
'-A INPUT -p tcp -m tcp -s 10.3.163.39 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT',
# Inter-node traffic
'-A INPUT -p tcp -m tcp -s 10.3.163.78 --dport 25672 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.3.163.79 --dport 25672 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.3.163.80 --dport 25672 -j ACCEPT']
# Same but in RDU3
'-A INPUT -p tcp -m tcp -s 10.16.163.78 --dport 25672 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.16.163.79 --dport 25672 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.16.163.80 --dport 25672 -j ACCEPT']
nft_custom_rules:
# Neeed for rsync from log01 for logs.
- 'add rule ip filter INPUT ip saddr 10.3.163.39 tcp dport 873 counter accept'
@@ -12,6 +14,10 @@ nft_custom_rules:
- 'add rule ip filter INPUT ip saddr 10.3.163.78 tcp dport 25672 counter accept'
- 'add rule ip filter INPUT ip saddr 10.3.163.79 tcp dport 25672 counter accept'
- 'add rule ip filter INPUT ip saddr 10.3.163.80 tcp dport 25672 counter accept'
# In RDU3
- 'add rule ip filter INPUT ip saddr 10.16.163.78 tcp dport 25672 counter accept'
- 'add rule ip filter INPUT ip saddr 10.16.163.79 tcp dport 25672 counter accept'
- 'add rule ip filter INPUT ip saddr 10.16.163.80 tcp dport 25672 counter accept'
ipa_host_group: rabbitmq
ipa_host_group_desc: RabbitMQ service
ipa_shell_groups:
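Review bot: In the first hunk the `custom_rules` flow sequence still appears to be closed by the `]` after the 10.3.163.80 rule, so the new RDU3 line sits after the list has ended and carries a second `]`. The hunk header (-4,6 +4,8) leaves room for only two added lines, the `# Same but in RDU3` comment and the 10.16.163.x line, which implies the line before them is unchanged. As rendered, the file would either fail to parse or leave the three RDU3 iptables rules out of `custom_rules`; the `nft_custom_rules` hunk adds the same peers correctly. The 10.3.163.80 entry should end with `,` rather than `]`, i.e. `'-A INPUT -p tcp -m tcp -s 10.3.163.80 --dport 25672 -j ACCEPT',`, so the list closes only after the RDU3 entries. A yamllint or playbook syntax check on this vars file before merge would catch this, and it is worth confirming on a host that still renders the iptables variant that port 25672 is open only to the six listed peers.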