feat: Initial Project 🎉

2024-08-20 11:11:35 +12:00
commit d4366fef2a
22 changed files with 998 additions and 0 deletions
--- a/templates/csf.allow.j2
+++ b/templates/csf.allow.j2
@@ -0,0 +1,34 @@
+###############################################################################
+# Copyright 2006-2018, Way to the Web Limited
+# URL: http://www.configserver.com
+# Email: sales@waytotheweb.com
+###############################################################################
+# The following IP addresses will be allowed through iptables.
+# One IP address per line.
+# CIDR addressing allowed with a quaded IP (e.g. 192.168.254.0/24).
+# Only list IP addresses, not domain names (they will be ignored)
+#
+# Advanced port+ip filtering allowed with the following format
+# tcp/udp|in/out|s/d=port,port,...|s/d=ip
+# See readme.txt for more information
+#
+# Note: IP addressess listed in this file will NOT be ignored by lfd, so they
+# can still be blocked. If you do not want lfd to block an IP address you must
+# add it to csf.ignore
+
+# BEGIN GENERAL ALLOW LIST
+{% if ansible_env['SSH_CONNECTION'] is defined %}
+{{ ansible_env['SSH_CONNECTION'].split()[0] }} # csf SSH installation/upgrade IP address
+{% endif %}
+{% for ip in csf_allow | default([]) %}
+{{ ip }}
+{% endfor %}
+# END GENERAL ALLOW LIST
+{% if csf_allow_host is defined %}
+
+# BEGIN HOST SPECIFIC ALLOW LIST
+{% for ip in csf_allow_host | default([]) %}
+{{ ip }}
+{% endfor %}
+# END HOST SPECIFIC ALLOW LIST
+{% endif %}