1 сар өмнө · febe1d9d4e
--- a/playbook-initial_install.yml
+++ b/playbook-initial_install.yml
@@ -0,0 +1,134 @@
 
															+---
														
 
															+- hosts: all
														
 
															+  user: mike
														
 
															+  become: true
														
 
															+  tasks:
														
 
															+#    - name: Update Server
														
 
															+#      apt:
														
 
															+#        upgrade: true
														
 
															+#        update-cache: true
														
 
															+#        cache_valid_time: 3600
														
 
															+
														
 
															+    - name: Make users passwordless for sudo in group mike
														
 
															+      lineinfile:
														
 
															+        path: /etc/sudoers
														
 
															+        state: present
														
 
															+        regexp: '^%sudo'
														
 
															+        line: '%sudo ALL=(ALL) NOPASSWD: ALL'
														
 
															+        validate: 'visudo -cf %s'
														
 
															+
														
 
															+
														
 
															+    - name: Install Core Server Utils
														
 
															+      apt:
														
 
															+        pkg:
														
 
															+          - curl
														
 
															+          - python3
														
 
															+          - ufw
														
 
															+          - samba
														
 
															+          - smbclient
														
 
															+          - cifs-utils
														
 
															+          - apt-transport-https
														
 
															+          - ca-certificates
														
 
															+          - curl
														
 
															+          - software-properties-common
														
 
															+          - python3-pip
														
 
															+          - virtualenv
														
 
															+          - python3-setuptools
														
 
															+          - rsync
														
 
															+
														
 
															+        state: present
														
 
															+#        update_cache: true
														
 
															+        cache_valid_time: 3600
														
 
															+
														
 
															+    - name: Add Docker GPG apt Key
														
 
															+      apt_key:
														
 
															+        url: https://download.docker.com/linux/ubuntu/gpg
														
 
															+        state: present
														
 
															+
														
 
															+    - name: Add Docker Repository
														
 
															+      apt_repository:
														
 
															+        repo: deb https://download.docker.com/linux/ubuntu focal stable
														
 
															+        state: present
														
 
															+
														
 
															+    - name: Update apt and install docker-ce
														
 
															+      apt:
														
 
															+        name:
														
 
															+          - docker-ce
														
 
															+          - containerd.io
														
 
															+          - docker-compose
														
 
															+        state: latest
														
 
															+        update_cache: true
														
 
															+
														
 
															+    - name: Add user to docker group
														
 
															+      user:
														
 
															+        name: "{{ansible_user}}"
														
 
															+        group: docker
														
 
															+    
														
 
															+    - name: Install Docker Containers
														
 
															+      community.docker.docker_container:
														
 
															+        name: portainer
														
 
															+        image: portainer/portainer-ce
														
 
															+
														
 
															+#    - name: Create Portainer Directory
														
 
															+#      file:
														
 
															+#        path: /home/mike/docker/portainer
														
 
															+#        state: directory
														
 
															+#      become_user: mike
														
 
															+
														
 
															+    - name: Create UFW directory
														
 
															+      file:
														
 
															+        path: /home/mike/ufw/applications.d
														
 
															+        state: directory
														
 
															+      become_user: mike
														
 
															+
														
 
															+#    - name: Sync Portainer docker-compose file
														
 
															+#      synchronize:
														
 
															+#        src: /home/mike/Software/ansible-debian/portainer/docker-compose.yml
														
 
															+#        dest: /home/mike/docker/portainer
														
 
															+#      become_user: mike
														
 
															+
														
 
															+    - name: Install UFW config files
														
 
															+      synchronize:
														
 
															+        src: /home/mike/Software/ansible-debian/ufw/applications.d/TG-portainer
														
 
															+        dest: /home/mike/ufw/applications.d
														
 
															+      become_user: mike
														
 
															+
														
 
															+#    - name: Move UFW files to proper directory
														
 
															+#      command: mv /home/mike/ufw/applications.d/TG-portainer /etc/ufw/applications.d/TG-portainer
														
 
															+
														
 
															+    - name: Set ownership of UFW files to root
														
 
															+      file: dest=/etc/ufw/applications.d owner=root group=root recurse=yes
														
 
															+       ### Need to change ownership to root ###
														
 
															+
														
 
															+### THIS DOES NOT WORK!
														
 
															+### IF RUN IN THIS SCRIPT, THIS CONTAINER IS started as 'mike' and cannot view /var/run/docker.sock
														
 
															+### if run alone (with --tags portainer) it works.
														
 
															+#    - name: Start Portainer
														
 
															+#      docker_compose:
														
 
															+#        project_src: /home/mike/docker/portainer
														
 
															+#        state: present
														
 
															+#      become: yes
														
 
															+#      become_method: sudo
														
 
															+#      tags: portainer
														
 
															+
														
 
															+    - name: Configure UFW - allow OpenSSH, samba, and TG-portainer
														
 
															+      ufw:
														
 
															+        rule: allow
														
 
															+        name: "{{ item }}"
														
 
															+      with_items:
														
 
															+        - OpenSSH
														
 
															+        - samba
														
 
															+#        - TG-portainer
														
 
															+
														
 
															+#    - name: Configure UFW - delete default allow 22
														
 
															+#      ufw:
														
 
															+#        rule: allow
														
 
															+#        port: 22
														
 
															+#        proto: tcp
														
 
															+#        delete: yes
														
 
															+
														
 
															+    - name: Configure UFW - deny all else
														
 
															+      ufw:
														
 
															+        state: enabled
														
 
															+        policy: deny
														
 
															+
														
--- a/playbook-portainer.yml
+++ b/playbook-portainer.yml
@@ -0,0 +1,64 @@
 
															+---
														
 
															+- hosts: all
														
 
															+  user: mike
														
 
															+  become: true
														
 
															+  tasks:
														
 
															+#    - name: Update Server
														
 
															+#      apt:
														
 
															+#        upgrade: true
														
 
															+#        update-cache: true
														
 
															+#        cache_valid_time: 3600
														
 
															+
														
 
															+    - name: Install Docker Containers
														
 
															+      community.docker.docker_container:
														
 
															+        name: portainer
														
 
															+        image: portainer/portainer-ce
														
 
															+
														
 
															+    - name: Create Portainer Directory
														
 
															+      file:
														
 
															+        path: /home/mike/docker/portainer
														
 
															+        state: directory
														
 
															+      become_user: mike
														
 
															+
														
 
															+    - name: Sync Portainer docker-compose file
														
 
															+      synchronize:
														
 
															+        src: /home/mike/Software/ansible-debian/portainer/docker-compose.yml
														
 
															+        dest: /home/mike/docker/portainer
														
 
															+      become_user: mike
														
 
															+
														
 
															+#    - name: Set ownership of UFW files to root
														
 
															+#      file: dest=/etc/ufw/applications.d owner=root group=root recurse=yes
														
 
															+       ### Need to change ownership to root ###
														
 
															+
														
 
															+### THIS DOES NOT WORK!
														
 
															+### IF RUN IN THIS SCRIPT, THIS CONTAINER IS started as 'mike' and cannot view /var/run/docker.sock
														
 
															+### if run alone (with --tags portainer) it works.
														
 
															+    - name: Start Portainer
														
 
															+      docker_compose:
														
 
															+        project_src: /home/mike/docker/portainer
														
 
															+        state: present
														
 
															+      become: yes
														
 
															+      become_method: sudo
														
 
															+      tags: portainer
														
 
															+
														
 
															+    - name: Configure UFW - allow OpenSSH, samba, and TG-portainer
														
 
															+      ufw:
														
 
															+        rule: allow
														
 
															+        name: "{{ item }}"
														
 
															+      with_items:
														
 
															+#        - OpenSSH
														
 
															+#        - samba
														
 
															+        - TG-portainer
														
 
															+
														
 
															+#    - name: Configure UFW - delete default allow 22
														
 
															+#      ufw:
														
 
															+#        rule: allow
														
 
															+#        port: 22
														
 
															+#        proto: tcp
														
 
															+#        delete: yes
														
 
															+
														
 
															+#    - name: Configure UFW - deny all else
														
 
															+#      ufw:
														
 
															+#        state: enabled
														
 
															+#        policy: deny
														
 
															+
														
--- a/ufw/applications.d/TG-Synapse
+++ b/ufw/applications.d/TG-Synapse
@@ -0,0 +1,7 @@
 
															+[TG-Synapse]
														
 
															+title=Custom port for Synapse - TG Software
														
 
															+description=.
														
 
															+ports=8008,8448,29319/tcp
														
 
															+
														
 
															+
														
 
															+## 29319 - Facebook Bridge
														
--- a/ufw/applications.d/TG-airsonic
+++ b/ufw/applications.d/TG-airsonic
@@ -0,0 +1,4 @@
 
															+[TG-airsonic]
														
 
															+title=Custom port for airsonic - TG Software
														
 
															+description=OpenSSH is a free implementation of the Secure Shell protocol.
														
 
															+ports=4040/tcp
														
--- a/ufw/applications.d/TG-arrs
+++ b/ufw/applications.d/TG-arrs
@@ -0,0 +1,4 @@
 
															+[TG-arrs]
														
 
															+title=Lidarr, Sonarr. Radarr, Prowlarr, QbitTorrent - TG Software
														
 
															+description=The Arrs.
														
 
															+ports=7878,6881,8686,8787,8989,9696,9010/tcp
														
--- a/ufw/applications.d/TG-bookstack
+++ b/ufw/applications.d/TG-bookstack
@@ -0,0 +1,4 @@
 
															+[TG-bookstack]
														
 
															+title=Custom port for Bookstack- TG Software
														
 
															+description=Bookstack
														
 
															+ports=10002/tcp
														
--- a/ufw/applications.d/TG-dillinger
+++ b/ufw/applications.d/TG-dillinger
@@ -0,0 +1,4 @@
 
															+[TG-dillinger]
														
 
															+title=Dillinger markdown editor - TG Software
														
 
															+description=Dillinger Markdown Editor
														
 
															+ports=10030/tcp
														
--- a/ufw/applications.d/TG-duplicati
+++ b/ufw/applications.d/TG-duplicati
@@ -0,0 +1,4 @@
 
															+[TG-duplicati]
														
 
															+title=Custom port for duplicati - TG Software
														
 
															+description=.
														
 
															+ports=8200/tcp
														
--- a/ufw/applications.d/TG-ejabberd
+++ b/ufw/applications.d/TG-ejabberd
@@ -0,0 +1,4 @@
 
															+[TG-ejabberd]
														
 
															+title=Ejabberd - TG Software
														
 
															+description=XMPP chat server ADDL PORTS MAY BE NEEDED FOR STUN AND VOICE SERVER
														
 
															+ports=5269,5443,5280,5222/tcp
														
--- a/ufw/applications.d/TG-emby
+++ b/ufw/applications.d/TG-emby
@@ -0,0 +1,4 @@
 
															+[TG-emby]
														
 
															+title=Custom port for Emby - TG Software
														
 
															+description=OpenSSH is a free implementation of the Secure Shell protocol.
														
 
															+ports=8096/tcp
														
--- a/ufw/applications.d/TG-ersatztv
+++ b/ufw/applications.d/TG-ersatztv
@@ -0,0 +1,4 @@
 
															+[TG-ersatztv]
														
 
															+title=Custom port for ersatzTV - TG Software
														
 
															+description=ersatzTV
														
 
															+ports=10030/tcp
														
--- a/ufw/applications.d/TG-fireflyiii
+++ b/ufw/applications.d/TG-fireflyiii
@@ -0,0 +1,4 @@
 
															+[TG-fireflyiii]
														
 
															+title=Custom ports for fireflyiii - TG Software
														
 
															+description=.
														
 
															+ports=9003,9004/tcp
														
--- a/ufw/applications.d/TG-freshrss
+++ b/ufw/applications.d/TG-freshrss
@@ -0,0 +1,4 @@
 
															+[TG-freshrss]
														
 
															+Title=Custom port for Freshrss - TG Software
														
 
															+description=FreshRSS
														
 
															+ports=83/tcp
														
--- a/ufw/applications.d/TG-git
+++ b/ufw/applications.d/TG-git
@@ -0,0 +1,4 @@
 
															+[TG-git]
														
 
															+title=Custom port for Gogs GitServer - TG Software
														
 
															+description=Custom local Git Repo
														
 
															+ports=3000,10022/tcp
														
--- a/ufw/applications.d/TG-immich
+++ b/ufw/applications.d/TG-immich
@@ -0,0 +1,4 @@
 
															+[TG-immich]
														
 
															+title=Custom port for immich photo viewer - TG Software
														
 
															+description=Custom local immich server
														
 
															+ports=2283/tcp
														
--- a/ufw/applications.d/TG-iperf
+++ b/ufw/applications.d/TG-iperf
@@ -0,0 +1,4 @@
 
															+[TG-iperf]
														
 
															+title=Iperf3 - TG Software
														
 
															+description=Custom Iperf3 network speed testing
														
 
															+ports=5201/tcp|5201/udp
														
--- a/ufw/applications.d/TG-lubelogger
+++ b/ufw/applications.d/TG-lubelogger
@@ -0,0 +1,4 @@
 
															+[TG-lubelogger]
														
 
															+title=Custom port for lubelogger - TG Software
														
 
															+description=Lubelogger
														
 
															+ports=10070/tcp
														
--- a/ufw/applications.d/TG-mariadb
+++ b/ufw/applications.d/TG-mariadb
@@ -0,0 +1,4 @@
 
															+[TG-mariadb]
														
 
															+title=Custom port for mariadb - TG Software
														
 
															+description=MAriadb.
														
 
															+ports=3306/tcp
														
--- a/ufw/applications.d/TG-mqtt
+++ b/ufw/applications.d/TG-mqtt
@@ -0,0 +1,4 @@
 
															+[TG-mqtt]
														
 
															+title=Custom port for MQTT - TG Software
														
 
															+description=mqtt
														
 
															+ports=1883,8883/tcp
														
--- a/ufw/applications.d/TG-navidrome
+++ b/ufw/applications.d/TG-navidrome
@@ -0,0 +1,4 @@
 
															+[TG-navidrome]
														
 
															+title=Custom port for airsonic - TG Software
														
 
															+description=Navidrome
														
 
															+ports=10040/tcp
														
--- a/ufw/applications.d/TG-netbootxyz
+++ b/ufw/applications.d/TG-netbootxyz
@@ -0,0 +1,4 @@
 
															+[TG-netbootxyz]
														
 
															+title=Custom port for netbootxyz - TG Software
														
 
															+description=Nothing
														
 
															+ports=69/udp|3000/tcp
														
--- a/ufw/applications.d/TG-nextcloud
+++ b/ufw/applications.d/TG-nextcloud
@@ -0,0 +1,4 @@
 
															+[TG-nextcloud]
														
 
															+title=Custom port for nextcloud - TG Software
														
 
															+description=.
														
 
															+ports=8080/tcp
														
--- a/ufw/applications.d/TG-npm
+++ b/ufw/applications.d/TG-npm
@@ -0,0 +1,4 @@
 
															+[TG-npm]
														
 
															+title=Custom port for Nginx Proxy Manager - TG Software
														
 
															+description=Nginx Proxy Manager
														
 
															+ports=80,81,443/tcp
														
--- a/ufw/applications.d/TG-owntracks
+++ b/ufw/applications.d/TG-owntracks
@@ -0,0 +1,4 @@
 
															+[TG-owntracks]
														
 
															+title=Custom port for Owntracks Location Monitoring / MQTT - TG Software
														
 
															+description=Custom local owntracks / MQTT server(s)
														
 
															+ports=8083,9002,8883/tcp
														
--- a/ufw/applications.d/TG-paperless
+++ b/ufw/applications.d/TG-paperless
@@ -0,0 +1,4 @@
 
															+[TG-paperless]
														
 
															+title=Custom port for Paperless-NGX- TG Software
														
 
															+description=Paperless-NGX
														
 
															+ports=10020/tcp
														
--- a/ufw/applications.d/TG-pdf
+++ b/ufw/applications.d/TG-pdf
@@ -0,0 +1,4 @@
 
															+[TG-pdf]
														
 
															+title=Custom port for Stirling-PDF - TG Software
														
 
															+description=Custom local PDF Manipulator
														
 
															+ports=10010/tcp
														
--- a/ufw/applications.d/TG-piwigo
+++ b/ufw/applications.d/TG-piwigo
@@ -0,0 +1,4 @@
 
															+[TG-piwigo]
														
 
															+title=Custom port for Piwigo - TG Software
														
 
															+description=Piwigo
														
 
															+ports=8040/tcp
														
--- a/ufw/applications.d/TG-podgrab
+++ b/ufw/applications.d/TG-podgrab
@@ -0,0 +1,4 @@
 
															+[TG-podgrab]
														
 
															+title=Custom port for Podgrab podcatcher - TG Software
														
 
															+description=Custom port for POdgrab
														
 
															+ports=10060/tcp
														
--- a/ufw/applications.d/TG-podsync
+++ b/ufw/applications.d/TG-podsync
@@ -0,0 +1,4 @@
 
															+[TG-podsync]
														
 
															+title=Custom port for podsync - TG Software
														
 
															+description=.
														
 
															+ports=8060/tcp
														
--- a/ufw/applications.d/TG-portainer
+++ b/ufw/applications.d/TG-portainer
@@ -0,0 +1,4 @@
 
															+[TG-portainer]
														
 
															+Title=Custom port for Portainer - TG Software
														
 
															+description=Portainer
														
 
															+ports=8000,9000/tcp
														
--- a/ufw/applications.d/TG-ssh
+++ b/ufw/applications.d/TG-ssh
@@ -0,0 +1,4 @@
 
															+[TG-ssh]
														
 
															+title=Custom port for SSH - TG Software
														
 
															+description=OpenSSH is a free implementation of the Secure Shell protocol.
														
 
															+ports=9772/tcp
														
--- a/ufw/applications.d/TG-template
+++ b/ufw/applications.d/TG-template
@@ -0,0 +1,4 @@
 
															+[TG-template]
														
 
															+title=Custom port for [software name]- TG Software
														
 
															+description=[description]
														
 
															+ports=80/tcp
														
--- a/ufw/applications.d/TG-torrents
+++ b/ufw/applications.d/TG-torrents
@@ -0,0 +1,4 @@
 
															+[TG-torrents]
														
 
															+title=Custom port for Qbittorrent - TG Software
														
 
															+description=Qbittorrent
														
 
															+ports=8030/tcp
														
--- a/ufw/applications.d/TG-wbo
+++ b/ufw/applications.d/TG-wbo
@@ -0,0 +1,4 @@
 
															+[TG-wbo]
														
 
															+title=Custom port for wbo - TG Software
														
 
															+description=.
														
 
															+ports=8070/tcp
														
--- a/ufw/applications.d/TG-wger
+++ b/ufw/applications.d/TG-wger
@@ -0,0 +1,4 @@
 
															+[TG-wger]
														
 
															+title=Custom port for wger - TG Software
														
 
															+description=.
														
 
															+ports=8050/tcp
														
--- a/ufw/applications.d/TG-wiki
+++ b/ufw/applications.d/TG-wiki
@@ -0,0 +1,4 @@
 
															+[TG-wiki]
														
 
															+title=Custom port for docuwiki - TG Software
														
 
															+description=.
														
 
															+ports=10050/tcp
														
--- a/ufw/applications.d/openssh-server
+++ b/ufw/applications.d/openssh-server
@@ -0,0 +1,4 @@
 
															+[OpenSSH]
														
 
															+title=Secure shell server, an rshd replacement
														
 
															+description=OpenSSH is a free implementation of the Secure Shell protocol.
														
 
															+ports=22/tcp
														
--- a/ufw/applications.d/postfix
+++ b/ufw/applications.d/postfix
@@ -0,0 +1,14 @@
 
															+[Postfix]
														
 
															+title=Mail server (SMTP)
														
 
															+description=Postfix is a high-performance mail transport agent
														
 
															+ports=25/tcp
														
 
															+
														
 
															+[Postfix SMTPS]
														
 
															+title=Mail server (SMTPS)
														
 
															+description=Postfix is a high-performance mail transport agent
														
 
															+ports=465/tcp
														
 
															+
														
 
															+[Postfix Submission]
														
 
															+title=Mail server (Submission)
														
 
															+description=Postfix is a high-performance mail transport agent
														
 
															+ports=587/tcp
														
--- a/ufw/applications.d/samba
+++ b/ufw/applications.d/samba
@@ -0,0 +1,4 @@
 
															+[Samba]
														
 
															+title=LanManager-like file and printer server for Unix
														
 
															+description=The Samba software suite is a collection of programs that implements the SMB/CIFS protocol for unix systems, allowing you to serve files and printers to Windows, NT, OS/2 and DOS clients. This protocol is sometimes also referred to as the LanManager or NetBIOS protocol.
														
 
															+ports=137,138/udp|139,445/tcp
														
--- a/ufw/applications.d/ufw-bittorent
+++ b/ufw/applications.d/ufw-bittorent
@@ -0,0 +1,19 @@
 
															+[Transmission]
														
 
															+title=Transmission
														
 
															+description=Transmission BitTorrent client
														
 
															+ports=51413
														
 
															+
														
 
															+[Deluge]
														
 
															+title=Deluge
														
 
															+description=Deluge BitTorrent client
														
 
															+ports=6881:6891/tcp
														
 
															+
														
 
															+[KTorrent]
														
 
															+title=KTorrent
														
 
															+description=KTorrent BitTorrent client
														
 
															+ports=6881/tcp|4444/udp
														
 
															+
														
 
															+[qBittorrent]
														
 
															+title=qBittorrent
														
 
															+description=qBittorrent BitTorrent client
														
 
															+ports=6881/tcp
														
--- a/ufw/applications.d/ufw-chat
+++ b/ufw/applications.d/ufw-chat
@@ -0,0 +1,35 @@
 
															+[PeopleNearby]
														
 
															+title=People Nearby
														
 
															+description=People Nearby (Bonjour/Salut) functionality in Empathy
														
 
															+ports=5353/udp|5298
														
 
															+
														
 
															+[Bonjour]
														
 
															+title=Bonjour
														
 
															+description=Bonjour protocol
														
 
															+ports=5353/udp|5298
														
 
															+
														
 
															+[MSN]
														
 
															+title=MSN Chat
														
 
															+description=MSN chat protocol (with file transfer and voice)
														
 
															+ports=1863|6891:6900/tcp|6901
														
 
															+
														
 
															+[MSN SSL]
														
 
															+title=MSN Chat (SSL)
														
 
															+description=MSN chat protocol (SSL)
														
 
															+ports=443/tcp
														
 
															+
														
 
															+[AIM]
														
 
															+title=AIM Talk
														
 
															+description=AIM talk protocol
														
 
															+ports=5190/tcp
														
 
															+
														
 
															+[Yahoo]
														
 
															+title=Yahoo Chat
														
 
															+description=Yahoo chat protocol
														
 
															+ports=5050
														
 
															+
														
 
															+[XMPP]
														
 
															+title=XMPP Chat
														
 
															+description=XMPP protocol (Jabber and Google Talk)
														
 
															+ports=5222/tcp|5269/tcp
														
 
															+
														
--- a/ufw/applications.d/ufw-directoryserver
+++ b/ufw/applications.d/ufw-directoryserver
@@ -0,0 +1,29 @@
 
															+[Kerberos KDC]
														
 
															+title=Kerberos v5 KDC server
														
 
															+description=Kerberos v5 KDC server
														
 
															+ports=88
														
 
															+
														
 
															+[Kerberos Admin]
														
 
															+title=Kerberos v5 admin
														
 
															+description=Kerberos v5 server
														
 
															+ports=749/tcp
														
 
															+
														
 
															+[Kerberos Password]
														
 
															+title=Kerberos v5 password
														
 
															+description=Kerberos v5 password
														
 
															+ports=464/udp
														
 
															+
														
 
															+[Kerberos Full]
														
 
															+title=Kerberos v5 server
														
 
															+description=Kerberos v5 server
														
 
															+ports=88,749/tcp|464/udp
														
 
															+
														
 
															+[LDAP]
														
 
															+title=LDAP server
														
 
															+description=LDAP server
														
 
															+ports=389/tcp
														
 
															+
														
 
															+[LDAPS]
														
 
															+title=LDAP server (LDAPS)
														
 
															+description=LDAP server (LDAPS)
														
 
															+ports=636/tcp
														
--- a/ufw/applications.d/ufw-dnsserver
+++ b/ufw/applications.d/ufw-dnsserver
@@ -0,0 +1,4 @@
 
															+[DNS]
														
 
															+title=Internet Domain Name Server
														
 
															+description=Internet Domain Name Server
														
 
															+ports=53
														
--- a/ufw/applications.d/ufw-fileserver
+++ b/ufw/applications.d/ufw-fileserver
@@ -0,0 +1,14 @@
 
															+[CIFS]
														
 
															+title=SMB/CIFS server
														
 
															+description=SMB/CIFS server
														
 
															+ports=137,138/udp|139,445/tcp
														
 
															+
														
 
															+[NFS]
														
 
															+title=NFS server
														
 
															+description=NFS and portmap server. Will also need access to mountd, statd and possibly others
														
 
															+ports=2049,111/tcp|2049,111/udp
														
 
															+
														
 
															+[svnserve]
														
 
															+title=Subversion server
														
 
															+description=Subversion server for access to Subversion repositories.
														
 
															+ports=3690/tcp
														
--- a/ufw/applications.d/ufw-loginserver
+++ b/ufw/applications.d/ufw-loginserver
@@ -0,0 +1,14 @@
 
															+[Telnet]
														
 
															+title=Telnet server (insecure)
														
 
															+description=Telnet server (insecure)
														
 
															+ports=23/tcp
														
 
															+
														
 
															+[SSH]
														
 
															+title=SSH server
														
 
															+description=SSH server
														
 
															+ports=22/tcp
														
 
															+
														
 
															+[VNC]
														
 
															+title=VNC server
														
 
															+description=VNC server
														
 
															+ports=5900/tcp
														
--- a/ufw/applications.d/ufw-mailserver
+++ b/ufw/applications.d/ufw-mailserver
@@ -0,0 +1,30 @@
 
															+[POP3]
														
 
															+title=Mail server (POP3)
														
 
															+description=Mail server (POP3)
														
 
															+ports=110/tcp
														
 
															+
														
 
															+[POP3S]
														
 
															+title=Secure mail server (POP3S)
														
 
															+description=Secure mail server (POP3S)
														
 
															+ports=995/tcp
														
 
															+
														
 
															+[IMAP]
														
 
															+title=Mail server (IMAP)
														
 
															+description=Mail server (IMAP)
														
 
															+ports=143/tcp
														
 
															+
														
 
															+[IMAPS]
														
 
															+title=Secure mail server (IMAPS)
														
 
															+description=Secure mail server (IMAPS)
														
 
															+ports=993/tcp
														
 
															+
														
 
															+[SMTP]
														
 
															+title=Mail server (SMTP)
														
 
															+description=Mail server (SMTP)
														
 
															+ports=25/tcp
														
 
															+
														
 
															+[Mail submission]
														
 
															+title=Mail server (Submission)
														
 
															+description=Mail server (Submission)
														
 
															+ports=587/tcp
														
 
															+
														
--- a/ufw/applications.d/ufw-printserver
+++ b/ufw/applications.d/ufw-printserver
@@ -0,0 +1,9 @@
 
															+[IPP]
														
 
															+title=Cups server (IPP)
														
 
															+description=Cups server (IPP)
														
 
															+ports=631
														
 
															+
														
 
															+[LPD]
														
 
															+title=LPD server
														
 
															+description=LPD server
														
 
															+ports=515/tcp
														
--- a/ufw/applications.d/ufw-proxyserver
+++ b/ufw/applications.d/ufw-proxyserver
@@ -0,0 +1,9 @@
 
															+[Socks]
														
 
															+title=Socks proxy
														
 
															+description=Socks proxy
														
 
															+ports=1080/tcp
														
 
															+
														
 
															+[Transparent Proxy]
														
 
															+title=Transparent proxy
														
 
															+description=Transparent proxy
														
 
															+ports=8081/tcp
														
--- a/ufw/applications.d/ufw-webserver
+++ b/ufw/applications.d/ufw-webserver
@@ -0,0 +1,19 @@
 
															+[WWW]
														
 
															+title=Web Server
														
 
															+description=Web server
														
 
															+ports=80/tcp
														
 
															+
														
 
															+[WWW Secure]
														
 
															+title=Web Server (HTTPS)
														
 
															+description=Web Server (HTTPS)
														
 
															+ports=443/tcp
														
 
															+
														
 
															+[WWW Full]
														
 
															+title=Web Server (HTTP,HTTPS)
														
 
															+description=Web Server (HTTP,HTTPS)
														
 
															+ports=80,443/tcp
														
 
															+
														
 
															+[WWW Cache]
														
 
															+title=Web Server (8080)
														
 
															+description=Web Server (8080)
														
 
															+ports=8080/tcp
														
--- a/~.
+++ b/~.
@@ -0,0 +1,14 @@
 
															+version: "2.0"
														
 
															+
														
 
															+services:
														
 
															+  portainer:
														
 
															+    image: portainer/portainer-ce
														
 
															+    container_name: portainer
														
 
															+    restart: always
														
 
															+    volumes:
														
 
															+      - "/etc/localtime:/etc/localtime:ro"
														
 
															+      - "/raid/docker/portainer/data:/data"
														
 
															+      - "/var/run/docker.sock:/var/run/docker.sock"
														
 
															+    ports:
														
 
															+      - 9000:9000
														
 
															+      - 8000:8000