Skip to content
Browse files

ufw firewall setup

  • Loading branch information...
1 parent 099d80c commit 1ccc659ff0cc41338bd0c6492b1f14c98d2932c0 @cwsaylor cwsaylor committed Apr 2, 2012
Showing with 14 additions and 0 deletions.
  1. +1 −0 lib/cap_bootstrap/capistrano.rb
  2. +13 −0 lib/cap_bootstrap/recipes/security.rb
View
1 lib/cap_bootstrap/capistrano.rb
@@ -6,3 +6,4 @@
require 'cap_bootstrap/recipes/rbenv'
require 'cap_bootstrap/recipes/unicorn'
require 'cap_bootstrap/recipes/utilities'
+require 'cap_bootstrap/recipes/security'
View
13 lib/cap_bootstrap/recipes/security.rb
@@ -0,0 +1,13 @@
+Capistrano::Configuration.instance(:must_exist).load do
+ namespace :security do
+ desc "Setup a firewall with UFW"
+ task :setup_firewall, roles: :web do
+ run "#{sudo} apt-get -y install ufw"
+ run "#{sudo} ufw default deny"
+ run "#{sudo} ufw allow 22/tcp"
+ run "#{sudo} ufw allow 80/tcp"
+ run "#{sudo} ufw allow 443/tcp"
+ run "#{sudo} ufw --force enable"
+ end
+ end
+end

0 comments on commit 1ccc659

Please sign in to comment.
Something went wrong with that request. Please try again.