From 066bf45b0e39b90f8147bcb5d9e533397ae6dd35 Mon Sep 17 00:00:00 2001 From: directlx Date: Wed, 4 Feb 2026 09:21:14 -0500 Subject: [PATCH] Add Proxmox group_vars to disable UFW Proxmox uses its own firewall (pve-firewall) and doesn't need UFW. This prevents accidental lockout of web UI (port 8006). Co-Authored-By: Claude Opus 4.5 --- group_vars/proxmox.yml | 14 ++++++++++++++ 1 file changed, 14 insertions(+) create mode 100644 group_vars/proxmox.yml diff --git a/group_vars/proxmox.yml b/group_vars/proxmox.yml new file mode 100644 index 0000000..f36c3b4 --- /dev/null +++ b/group_vars/proxmox.yml @@ -0,0 +1,14 @@ +--- +# Proxmox-specific variables + +# Disable firewall on Proxmox (uses its own iptables rules) +common_firewall_enabled: false + +# Or if you want UFW, allow these ports: +# common_firewall_allowed_ports: +# - "22/tcp" +# - "8006/tcp" # Web UI +# - "5900:5999/tcp" # VNC +# - "3128/tcp" # SPICE proxy +# - "5404:5405/udp" # Corosync cluster +# - "111/tcp" # rpcbind