Skip to content

Commit

Permalink
open VPN ports
Browse files Browse the repository at this point in the history
  • Loading branch information
Stefan Oehrli committed Mar 9, 2022
1 parent 88bbb9e commit 8388321
Show file tree
Hide file tree
Showing 2 changed files with 11 additions and 0 deletions.
2 changes: 2 additions & 0 deletions cloudinit/bastion_host.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -87,7 +87,9 @@ runcmd:
- firewall-offline-cmd --add-service=http
- firewall-offline-cmd --add-service=https
- firewall-offline-cmd --add-service=ssh
- firewall-offline-cmd --add-service=openvpn
- firewall-offline-cmd --add-port=60001/udp
- firewall-offline-cmd --add-port=1194/udp
- firewall-offline-cmd --list-all
- systemctl enable firewalld
- systemctl restart firewalld
Expand Down
9 changes: 9 additions & 0 deletions etc/fail2ban.template.conf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,15 @@ port = ssh
logpath = %(sshd_log)s
backend = %(sshd_backend)s

# OpenVPN server
[openvpn]
enabled = true
port = 1194
protocol = udp
filter = openvpn
logpath = /var/log/openvpn.log
maxretry = 3

# nginx HTTP server
[nginx-http-auth]
enabled = true
Expand Down

0 comments on commit 8388321

Please sign in to comment.