poanetwork
/
deployment-playbooks
mirror of https://github.com/poanetwork/deployment-playbooks.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
deployment-playbooks/aws/roles/explorer-access/tasks/ec2.yml

104 lines
2.8 KiB
YAML
Raw Blame History

---
- name: Create explorer security group
delegate_to: localhost
ec2_group:
ec2_access_key: "{{ access_key }}"
ec2_secret_key: "{{ secret_key }}"
name: "{{ explorer_security_group }}"
description: "Default security group"
region: "{{ region }}"
purge_rules: true
- name: Allow outbound traffic
delegate_to: localhost
ec2_group:
ec2_access_key: "{{ access_key }}"
ec2_secret_key: "{{ secret_key }}"
name: "{{ explorer_security_group }}"
description: "Default security group"
region: "{{ region }}"
purge_rules_egress: false
purge_rules: false
rules_egress:
- proto: all
from_port: all
to_port: all
cidr_ip: 0.0.0.0/0
- name: Add ssh access
delegate_to: localhost
ec2_group:
ec2_access_key: "{{ access_key }}"
ec2_secret_key: "{{ secret_key }}"
name: "{{ explorer_security_group }}"
description: "Default security group"
region: "{{ region }}"
purge_rules_egress: false
purge_rules: false
rules:
- proto: tcp
from_port: "{{ item }}"
to_port: "{{ item }}"
cidr_ip: 0.0.0.0/0
with_items:
- "22"
when: allow_explorer_ssh == true
- name: Add https access
delegate_to: localhost
ec2_group:
ec2_access_key: "{{ access_key }}"
ec2_secret_key: "{{ secret_key }}"
name: "{{ explorer_security_group }}"
description: "Default security group"
region: "{{ region }}"
purge_rules_egress: false
purge_rules: false
rules:
- proto: tcp
from_port: 443
to_port: 443
cidr_ip: 0.0.0.0/0
- name: Add p2p access
delegate_to: localhost
ec2_group:
ec2_access_key: "{{ access_key }}"
ec2_secret_key: "{{ secret_key }}"
name: "{{ explorer_security_group }}"
description: "Default security group"
region: "{{ region }}"
purge_rules_egress: false
purge_rules: false
rules:
- proto: tcp
from_port: "{{ item }}"
to_port: "{{ item }}"
cidr_ip: 0.0.0.0/0
- proto: udp
from_port: "{{ item }}"
to_port: "{{ item }}"
cidr_ip: 0.0.0.0/0
with_items:
- "30303"
when: allow_explorer_p2p == true
- name: Add http-3000 access
delegate_to: localhost
ec2_group:
ec2_access_key: "{{ access_key }}"
ec2_secret_key: "{{ secret_key }}"
name: "{{ explorer_security_group }}"
description: "Default security group"
region: "{{ region }}"
purge_rules_egress: false
purge_rules: false
rules:
- proto: tcp
from_port: "{{ item }}"
to_port: "{{ item }}"
cidr_ip: 0.0.0.0/0
with_items:
- "3000"
when: allow_explorer_http == true
Reference in New Issue View Git Blame Copy Permalink