poanetwork
/
deployment-playbooks
mirror of https://github.com/poanetwork/deployment-playbooks.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
deployment-playbooks/roles/explorer-access/tasks/ec2.yml

104 lines
2.8 KiB
YAML
Raw Normal View History

change access control scheme
2017-12-12 04:31:02 -08:00
---
- name: Create explorer security group
Rewrite access model to universal, now it work for aws and standalone servers
2017-12-20 04:39:37 -08:00
delegate_to: localhost
ec2_group:
change access control scheme
2017-12-12 04:31:02 -08:00
ec2_access_key: "{{ access_key }}"
ec2_secret_key: "{{ secret_key }}"
update security group model.
2018-02-21 12:18:08 -08:00
name: "{{ explorer_security_group }}"
rollback security group name
2017-12-12 11:52:20 -08:00
description: "Default security group"
change access control scheme
2017-12-12 04:31:02 -08:00
region: "{{ region }}"
purge_rules: true
Rewrite access model to universal, now it work for aws and standalone servers
2017-12-20 04:39:37 -08:00
- name: Allow outbound traffic
delegate_to: localhost
ec2_group:
change access control scheme
2017-12-12 04:31:02 -08:00
ec2_access_key: "{{ access_key }}"
ec2_secret_key: "{{ secret_key }}"
update security group model.
2018-02-21 12:18:08 -08:00
name: "{{ explorer_security_group }}"
rollback security group name
2017-12-12 11:52:20 -08:00
description: "Default security group"
change access control scheme
2017-12-12 04:31:02 -08:00
region: "{{ region }}"
purge_rules_egress: false
purge_rules: false
rules_egress:
- proto: all
from_port: all
to_port: all
cidr_ip: 0.0.0.0/0
Rewrite access model to universal, now it work for aws and standalone servers
2017-12-20 04:39:37 -08:00
- name: Add ssh access
delegate_to: localhost
ec2_group:
change access control scheme
2017-12-12 04:31:02 -08:00
ec2_access_key: "{{ access_key }}"
ec2_secret_key: "{{ secret_key }}"
update security group model.
2018-02-21 12:18:08 -08:00
name: "{{ explorer_security_group }}"
rollback security group name
2017-12-12 11:52:20 -08:00
description: "Default security group"
change access control scheme
2017-12-12 04:31:02 -08:00
region: "{{ region }}"
purge_rules_egress: false
purge_rules: false
rules:
- proto: tcp
from_port: "{{ item }}"
to_port: "{{ item }}"
cidr_ip: 0.0.0.0/0
Rewrite access model to universal, now it work for aws and standalone servers
2017-12-20 04:39:37 -08:00
with_items:
- "22"
when: allow_explorer_ssh == true
change access control scheme
2017-12-12 04:31:02 -08:00
Rewrite access model to universal, now it work for aws and standalone servers
2017-12-20 04:39:37 -08:00
- name: Add https access
delegate_to: localhost
ec2_group:
change access control scheme
2017-12-12 04:31:02 -08:00
ec2_access_key: "{{ access_key }}"
ec2_secret_key: "{{ secret_key }}"
update security group model.
2018-02-21 12:18:08 -08:00
name: "{{ explorer_security_group }}"
rollback security group name
2017-12-12 11:52:20 -08:00
description: "Default security group"
change access control scheme
2017-12-12 04:31:02 -08:00
region: "{{ region }}"
purge_rules_egress: false
purge_rules: false
rules:
- proto: tcp
from_port: 443
to_port: 443
cidr_ip: 0.0.0.0/0
Rewrite access model to universal, now it work for aws and standalone servers
2017-12-20 04:39:37 -08:00
- name: Add p2p access
delegate_to: localhost
ec2_group:
change access control scheme
2017-12-12 04:31:02 -08:00
ec2_access_key: "{{ access_key }}"
ec2_secret_key: "{{ secret_key }}"
update security group model.
2018-02-21 12:18:08 -08:00
name: "{{ explorer_security_group }}"
rollback security group name
2017-12-12 11:52:20 -08:00
description: "Default security group"
change access control scheme
2017-12-12 04:31:02 -08:00
region: "{{ region }}"
purge_rules_egress: false
purge_rules: false
rules:
- proto: tcp
from_port: "{{ item }}"
to_port: "{{ item }}"
cidr_ip: 0.0.0.0/0
- proto: udp
from_port: "{{ item }}"
to_port: "{{ item }}"
cidr_ip: 0.0.0.0/0
Rewrite access model to universal, now it work for aws and standalone servers
2017-12-20 04:39:37 -08:00
with_items:
- "30303"
when: allow_explorer_p2p == true
change access control scheme
2017-12-12 04:31:02 -08:00
Rewrite access model to universal, now it work for aws and standalone servers
2017-12-20 04:39:37 -08:00
- name: Add http-3000 access
delegate_to: localhost
ec2_group:
change access control scheme
2017-12-12 04:31:02 -08:00
ec2_access_key: "{{ access_key }}"
ec2_secret_key: "{{ secret_key }}"
update security group model.
2018-02-21 12:18:08 -08:00
name: "{{ explorer_security_group }}"
rollback security group name
2017-12-12 11:52:20 -08:00
description: "Default security group"
change access control scheme
2017-12-12 04:31:02 -08:00
region: "{{ region }}"
purge_rules_egress: false
purge_rules: false
rules:
- proto: tcp
from_port: "{{ item }}"
to_port: "{{ item }}"
cidr_ip: 0.0.0.0/0
Rewrite access model to universal, now it work for aws and standalone servers
2017-12-20 04:39:37 -08:00
with_items:
- "3000"
when: allow_explorer_http == true