ansible/hetzner.hcloud
1
0
Fork 0
mirror of https://github.com/ansible-collections/hetzner.hcloud.git synced 2026-02-04 08:01:49 +00:00
Code Activity

feat: improve firewall resources management (#324)

Browse source 
##### SUMMARY

  - firewall - Return resources the firewall is `applied_to`.
- firewall_info - Add new `firewall_info` module to gather firewalls
info.
- firewall_resource - Add new `firewall_resource` module to manage
firewalls resources.

Fixes #111

##### ISSUE TYPE

- Feature Pull Request


##### COMPONENT NAME

firewall
firewall_info
firewall_resource

---------

Co-authored-by: Julian Tölle <julian.toelle97@gmail.com>
This commit is contained in:
Jonas L 2024-02-01 16:50:13 +01:00 committed by GitHub
parent 2ebaa3528f
commit 2757fe745f
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
23 changed files with 1001 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

62
examples/server-with-firewall.yml Normal file
View file

@ -0,0 +1,62 @@
---
- name: Demonstrate creating servers with a firewall
hosts: localhost
connection: local
vars:
servers:
- name: my-server1
- name: my-server2
tasks:
- name: Create firewall
hetzner.hcloud.firewall:
name: my-firewall
rules:
- description: allow icmp from everywhere
direction: in
protocol: icmp
source_ips:
- 0.0.0.0/0
- ::/0
- description: allow ssh from everywhere
direction: in
protocol: tcp
port: 22
source_ips:
- 0.0.0.0/0
- ::/0
state: present
- name: Create servers
hetzner.hcloud.server:
name: "{{ item.name }}"
server_type: cx11
image: debian-12
labels:
kind: runners
state: started
loop: "{{ servers }}"
- name: Apply firewall to resources using label selectors
hetzner.hcloud.firewall_resource:
firewall: my-firewall
label_selectors: [kind=runners]
state: present
- name: Apply firewall to individual servers
hetzner.hcloud.firewall_resource:
firewall: my-firewall
servers: "{{ servers | map(attribute='name') }}"
state: present
- name: Delete firewall
hetzner.hcloud.firewall:
name: my-firewall
state: absent
- name: Delete servers
hetzner.hcloud.server:
name: "{{ item.name }}"
state: absent
loop: "{{ servers }}"