22 lines
455 B
Bash
Executable File
22 lines
455 B
Bash
Executable File
#!/usr/bin/env bash
|
|
# Declarative firewall configuration with common + profile-specific rules
|
|
source "$PROJECT_DIR/lib.sh"
|
|
enable_strict_mode
|
|
|
|
cat <<'EOM'
|
|
|
|
=> Firewall configuration
|
|
|
|
EOM
|
|
|
|
ufw_initialize
|
|
|
|
COMMON_RULES_FILE="$ROLE_DIR/firewall/rules.common.list"
|
|
PROFILE_RULES_FILE="$ROLE_DIR/firewall/rules.${profile:-}.list"
|
|
|
|
apply_ufw_rules_file "$COMMON_RULES_FILE"
|
|
apply_ufw_rules_file "$PROFILE_RULES_FILE"
|
|
|
|
ufw reload
|
|
log_ok "Firewall rules applied"
|