Hello all. I’m quite new in customising the Ansible roles provided with Trellis, so I would need some help or direction towards the right way to doing this.
We have a Trellis project that’s already in production and I need to allow a specific IP address to access the database through port 3306. Although I have found resources online that suggest how to achieve this directly with iptables rules, I would like to do this using ferm, since Trellis uses that. Also I would like to include it in the ferm role, so that this custom setting is reproducible and doesn’t get overridden by future provisions of the server. From what I understand ferm is an interface for iptables, so I guess that’s where my customisation needs to be done.
I’ve noticed that there is a templates directory in the ferm role (https://github.com/roots/trellis/tree/master/roles/ferm/templates). Is this the right place to add my custom settings? If I add any custom settings there, do I need to start with a new server or can I just re-provision the current one?
Any suggestions and help will be much appreciated!