Setting up Firewall rules

I’m planning on setting up a firewall for all my servers.
What are the necessary inbound and outbound rules I need to set in order for my sites to work?
Also, is there an easy way to do this during provision or should I just use DigitalOcean’s UI if I’m not too experienced?

Thanks in advance.

Is this a Trellis question?

Yes. What rules do I need to set in order for my site to work when I provisioned my server with Trellis?

Trellis server.yml runs a ferm role to set up some basic iptables firewall rules. The role README has some details of implementation. As mentioned in the Ubuntu IptablesHowTo, sudo iptables -L will list the current rules in iptables.

You could research iptables-based firewalls, develop a list of iptables rules you want in effect, compare them with the rules Trellis puts in effect (run sudo iptables -L on a Trellis-provisioned server to check), and add your desired extra rules (e.g., in group_vars/all/security.yml) using the instructions in the ferm role README.

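The comparison step suggested in the last reply can be scripted. This is an added example, not code from the thread or from Trellis: it reads `sudo iptables -S INPUT` output (the rule-spec form of the listing) and reports which wanted inbound ports are not open and which open ports are not on the list. The `WANTED` list and the sample rules are constructed, and it assumes ACCEPT rules sit directly in the INPUT chain with numeric ports.

```python
import re
import sys

# Constructed sample of `sudo iptables -S INPUT` output, not from a real server.
SAMPLE_RULES = """\
-P INPUT DROP
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 80,443 -j ACCEPT
-A INPUT -s 203.0.113.7/32 -p tcp -m tcp --dport 3306 -j ACCEPT
"""
# Hypothetical wish list: the inbound ports the sites should expose publicly.
WANTED = [("tcp", 22), ("tcp", 80), ("tcp", 443), ("tcp", 25)]

PORT_RE = re.compile(r" --dports? (\S+)")
PROTO_RE = re.compile(r" -p (\w+)")
SOURCE_RE = re.compile(r" -s (\S+)")


def accepted_ports(rules_text):
    """Map (proto, port) -> set of allowed sources ('any' if unrestricted)."""
    accepted = {}
    for line in rules_text.splitlines():
        # Negated matches ("!") need manual review, so they are skipped here.
        if not line.startswith("-A INPUT ") or "!" in line:
            continue
        if not line.rstrip().endswith("-j ACCEPT"):
            continue
        ports, proto = PORT_RE.search(line), PROTO_RE.search(line)
        if not (ports and proto):
            continue
        src = SOURCE_RE.search(line)
        for spec in ports.group(1).split(","):
            low, _, high = spec.partition(":")  # "8000:8010" is a port range
            for port in range(int(low), int(high or low) + 1):
                key = (proto.group(1), port)
                accepted.setdefault(key, set()).add(src.group(1) if src else "any")
    return accepted


def compare(rules_text, wanted):
    """Return (missing, extra): wanted ports not public, open ports not wanted."""
    accepted = accepted_ports(rules_text)
    public = {key for key, sources in accepted.items() if "any" in sources}
    return sorted(set(wanted) - public), sorted(set(accepted) - set(wanted))


if __name__ == "__main__":
    # Usage: sudo iptables -S INPUT | python3 this_file.py  (no pipe: sample data)
    text = SAMPLE_RULES if sys.stdin.isatty() else sys.stdin.read()
    missing, extra = compare(text, WANTED)
    print("wanted but not open:", missing)
    print("open but not wanted:", extra)
```

Ports reported as missing are the candidates for extra rules in group_vars/all/security.yml; ports reported as extra are worth checking against what the server is actually meant to expose.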