feat(iptables): Allow mqtt exporter

Signed-off-by: Julien Riou <julien@riou.xyz>
2025-05-23 08:50:27 +02:00 · 2025-05-23 08:50:27 +02:00 · f63342bacc
commit f63342bacc
parent 90b4f7cf0d
1 changed files with 9 additions and 0 deletions
--- a/tasks/iptables.yml
+++ b/tasks/iptables.yml
@ -34,6 +34,15 @@
    jump: ACCEPT
    comment: allow node exporter from vpn

+- name: Allow mqtt exporter from VPN
+  ansible.builtin.iptables:
+    chain: INPUT
+    protocol: tcp
+    destination: "{{ openvpn_subnet }}"
+    destination_port: "9000"
+    jump: ACCEPT
+    comment: allow mqtt exporter from vpn
+
 - name: Deny input connections by default
  ansible.builtin.iptables:
    chain: INPUT