sharpple.blogg.se

Ansible iptables




Ansible is a popular configuration management and IT automation tool, created by Michael DeHaan in 2012. Unlike most configuration management tools, Ansible doesn't require an agent on the client server; it is an agentless tool that requires only SSH access to the remote machine.

Ansible can be used to provision servers, deploy applications, roll out updates, and run ad-hoc tasks on remote or local machines. It is a powerful tool that is essential for system administrators and developers.

One of our biggest concerns here at Spirula Systems is security. Linux security consists of multiple layers, and hardening each layer is essential to every web application. In Linux, a firewall module like iptables is one of the most important layers in network security. In this post I am going to create an iptables Ansible role that can be applied to any Linux system.

A playbook's role is a clean, reusable structure of tasks and variables that can be used in different projects and playbooks. An Ansible role should be designed with some concepts in mind, like:

  • The role should be changing only one unit in your infrastructure.
  • Different options and directives of this unit must be customized by variables.

In our case, we will be changing iptables on init-based Linux systems.

The role will contain one task file that will configure and start iptables on the server. The task file will be something like this:

    - copy: src=iptables_init dest=/etc/init.d/iptables mode=0700
    - file: path=/opt/spirula/firewall recurse=yes state=directory owner=root group=root mode=0700
    - template: src=iptables_rules.sh dest=/opt/spirula/firewall/iptables_rules.sh mode=0700
    - copy: src=iptables_rollback.sh dest=/opt/spirula/firewall/iptables_rollback.sh mode=0700
    - file: path=/var/lib/iptables state=directory
    # schedule iptables_rollback.sh to run in 3 minutes
    - at: command="/opt/spirula/firewall/iptables_rollback.sh" count=3 units="minutes"
    - command: /etc/init.d/iptables save inactive
    - command: /opt/spirula/firewall/iptables_rules.sh
    # remove the scheduled rollback job
    - at: command="/opt/spirula/firewall/iptables_rollback.sh" state=absent

The first copy task adds the iptables init script to the /etc/init.d directory. The init file defines functions (start, stop, reload, restart) for the iptables ruleset, and it also defines where the ruleset is stored.

The file task that follows creates a directory to store the iptables script; this directory is located in /opt/spirula/firewall.

The template task adds the iptables script to the directory created in the previous task. The script is created from a template that contains iptables rules defined from variables.
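The post says the rules script is generated from variables. The sketch below is an added example, not the post's iptables_rules.sh or template. It shows one way such a script can turn variables into a default-deny ruleset while rejecting malformed values before anything is printed. The function names, the single SSH port argument and the space-separated port list are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not the post's iptables_rules.sh.
# Assumed (hypothetical) inputs: one SSH port and a space-separated list of
# TCP ports, standing in for the role variables the template would read.

# valid_port N: true only for a decimal integer 1..65535 without leading zeros.
valid_port() {
    case "$1" in
        ''|0*|*[!0-9]*) return 1 ;;
    esac
    [ "${#1}" -le 5 ] && [ "$1" -le 65535 ]
}

# build_ruleset SSH_PORT "PORT PORT ...": print an iptables-restore ruleset.
# All input is validated before the first line is printed, so a bad variable
# yields no partial ruleset and nothing unvalidated reaches a root-run script.
build_ruleset() {
    rs_ssh=$1
    rs_ports=$2
    valid_port "$rs_ssh" || { echo "invalid ssh port: $rs_ssh" >&2; return 1; }
    case "$rs_ports" in
        *[!0-9\ ]*) echo "ports must be digits and spaces" >&2; return 1 ;;
    esac
    for rs_p in $rs_ports; do
        valid_port "$rs_p" || { echo "invalid port: $rs_p" >&2; return 1; }
    done
    echo "*filter"
    echo ":INPUT DROP [0:0]"       # default-deny inbound
    echo ":FORWARD DROP [0:0]"
    echo ":OUTPUT ACCEPT [0:0]"
    echo "-A INPUT -i lo -j ACCEPT"
    echo "-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # SSH is always allowed so the Ansible connection survives the change.
    echo "-A INPUT -p tcp --dport $rs_ssh -j ACCEPT"
    for rs_p in $rs_ports; do
        if [ "$rs_p" != "$rs_ssh" ]; then
            echo "-A INPUT -p tcp --dport $rs_p -j ACCEPT"
        fi
    done
    echo "COMMIT"
}

# Constructed sample values; pipe the output to `iptables-restore --test`
# to have the ruleset parsed without being applied.
build_ruleset 22 "80 443"
```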





