From 4846cbd9689bede75d8ed7d4b6b3c1f72f83ab27 Mon Sep 17 00:00:00 2001
From: Alan Orth <alan.orth@gmail.com>
Date: Thu, 11 Feb 2021 23:37:56 +0200
Subject: [PATCH] roles/common: Add firewall task for Alpine

---
 roles/common/tasks/firewall_Alpine.yml | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
 create mode 100644 roles/common/tasks/firewall_Alpine.yml

diff --git a/roles/common/tasks/firewall_Alpine.yml b/roles/common/tasks/firewall_Alpine.yml
new file mode 100644
index 0000000..5b608f0
--- /dev/null
+++ b/roles/common/tasks/firewall_Alpine.yml
@@ -0,0 +1,15 @@
+---
+# TODO: configure awall (ipsets?)
+# TODO: configure fail2ban
+
+- block:
+  - name: Set Alpine firewall packages
+    set_fact:
+      alpine_firewall_packages:
+        - awall
+        - fail2ban
+
+  - name: Install Alpine firewall packages
+    apk: name={{ alpine_firewall_packages }} state=present
+
+# vim: set sw=2 ts=2: