diff --git a/host_vars/hiveops.yml b/host_vars/hiveops.yml
index ee09f2a..d1284ae 100644
--- a/host_vars/hiveops.yml
+++ b/host_vars/hiveops.yml
@@ -3,3 +3,9 @@
 
 # Disable firewall (too many ports needed)
 common_firewall_enabled: false
+
+# Enable IP forwarding for Docker networking
+common_sysctl_settings:
+  net.ipv4.ip_forward: 1
+  net.ipv4.conf.all.send_redirects: 0
+  net.ipv4.conf.default.send_redirects: 0
diff --git a/host_vars/mysql.yml b/host_vars/mysql.yml
new file mode 100644
index 0000000..aaa37f7
--- /dev/null
+++ b/host_vars/mysql.yml
@@ -0,0 +1,7 @@
+---
+# MySQL specific variables
+
+# Allow MySQL port through firewall
+common_firewall_allowed_ports:
+  - "22/tcp"    # SSH
+  - "3306/tcp"  # MySQL
diff --git a/host_vars/smartjournal.yml b/host_vars/smartjournal.yml
index 1b340d8..1e86257 100644
--- a/host_vars/smartjournal.yml
+++ b/host_vars/smartjournal.yml
@@ -3,3 +3,9 @@
 
 # Disable firewall
 common_firewall_enabled: false
+
+# Enable IP forwarding for Docker networking
+common_sysctl_settings:
+  net.ipv4.ip_forward: 1
+  net.ipv4.conf.all.send_redirects: 0
+  net.ipv4.conf.default.send_redirects: 0