community.general.hetzner_firewall_info (0.1.1) — module
Manage Hetzner's dedicated server firewall
Authors: Felix Fontein (@felixfontein)
preview | supported by community
Install with ansible-galaxy collection install community.general:==0.1.1
collections:
  - name: community.general
    version: 0.1.1
Manage Hetzner's dedicated server firewall.
- name: Get firewall configuration for server with main IP 1.2.3.4
  hetzner_firewall_info:
    hetzner_user: foo
    hetzner_password: bar
    server_ip: 1.2.3.4
  register: result

- debug:
    msg: "{{ result.firewall }}"
timeout:
  default: 180
  description:
    - Timeout (in seconds) for waiting for firewall to be configured.
  type: int
server_ip:
  description: The server's main IP address.
  required: true
  type: str
wait_delay:
  default: 10
  description:
    - Delay to wait (in seconds) before checking again whether the firewall has been configured.
  type: int
hetzner_user:
  description: The username for the Robot webservice user.
  required: true
  type: str
hetzner_password:
  description: The password for the Robot webservice user.
  required: true
  type: str
wait_for_configured:
  default: true
  description:
    - Whether to wait until the firewall has been successfully configured before determining what to do, and before returning from the module.
    - The API returns status C(in progress) when the firewall is currently being configured. If this happens, the module will try again until the status changes to C(active) or C(disabled).
    - Please note that there is a request limit. If you have to do multiple updates, it can be better to disable waiting, and regularly use M(hetzner_firewall_info) to query status.
  type: bool
firewall:
  contains:
    port:
      description:
        - Switch port of firewall.
        - C(main) or C(kvm).
      sample: main
      type: str
    rules:
      contains:
        input:
          contains:
            action:
              description:
                - Action if rule matches.
                - C(accept) or C(discard).
              sample: accept
              type: str
            dst_ip:
              description:
                - Destination IP address or subnet address.
                - CIDR notation.
              sample: 1.2.3.4/32
              type: str
            dst_port:
              description:
                - Destination port or port range.
              sample: '443'
              type: str
            ip_version:
              description:
                - Internet protocol version.
              sample: ipv4
              type: str
            name:
              description:
                - Name of the firewall rule.
              sample: Allow HTTP access to server
              type: str
            protocol:
              description:
                - Protocol above IP layer
              sample: tcp
              type: str
            src_ip:
              description:
                - Source IP address or subnet address.
                - CIDR notation.
              sample: null
              type: str
            src_port:
              description:
                - Source port or port range.
              sample: null
              type: str
            tcp_flags:
              description:
                - TCP flags or logical combination of flags.
              sample: null
              type: str
          description:
            - Input firewall rules.
          elements: dict
          type: list
      description:
        - Firewall rules.
      type: dict
    server_ip:
      description:
        - Server's main IP address.
      sample: 1.2.3.4
      type: str
    server_number:
      description:
        - Hetzner's internal server number.
      sample: 12345
      type: int
    status:
      description:
        - Status of the firewall.
        - C(active) or C(disabled).
        - Will be C(in process) if the firewall is currently updated, and I(wait_for_configured) is set to C(no) or I(timeout) to a too small value.
      sample: active
      type: str
    whitelist_hos:
      description:
        - Whether Hetzner services have access.
      sample: true
      type: bool
  description:
    - The firewall configuration.
  returned: success
  type: dict
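
The playbook below is an added example, not part of the module's own documentation: it audits the returned firewall structure and fails when the firewall is not active or when an accept rule with no source restriction targets a port outside an allowlist. The variables vault_hetzner_user and vault_hetzner_password, the public_ports list and the policy itself are assumptions made for illustration.

```yaml
# Added example. vault_hetzner_user / vault_hetzner_password are assumed to be
# defined in an Ansible Vault file; public_ports is a constructed policy.
- hosts: localhost
  gather_facts: false
  vars:
    # Ports that may be reachable from any source (dst_port is a string).
    public_ports: ['80', '443']
  tasks:
    - name: Read the firewall configuration for the server
      community.general.hetzner_firewall_info:
        hetzner_user: "{{ vault_hetzner_user }}"
        hetzner_password: "{{ vault_hetzner_password }}"
        server_ip: 1.2.3.4
      register: result

    - name: Firewall must be active
      assert:
        that:
          - result.firewall.status == 'active'
        fail_msg: "Firewall status is {{ result.firewall.status }}"

    # src_ip is null when a rule has no source restriction. Rules whose
    # dst_port is null or a port range do not match the allowlist exactly,
    # so they are flagged as well and need a manual look.
    - name: Collect unrestricted accept rules outside the allowlist
      set_fact:
        open_rules: >-
          {{ result.firewall.rules.input
             | selectattr('action', 'equalto', 'accept')
             | selectattr('src_ip', 'none')
             | rejectattr('dst_port', 'in', public_ports)
             | list }}

    - name: Only allowlisted ports may accept traffic from any source
      assert:
        that:
          - open_rules | length == 0
        fail_msg: >-
          Unrestricted accept rules:
          {{ open_rules | map(attribute='name') | list }}
```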