path: root/roles/ands_network/tasks/firewall.yml
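# Create the root-owned directory that holds the firewall templates.
# A directory needs the execute (search) bit to be traversable, so the mode is
# 0755 rather than the file-style 0644. The value is quoted so that YAML cannot
# reinterpret the leading zero as a number.
- name: Ensure firewall template directory exists
  file:
    path: "{{ firewall_template_path }}"
    state: directory
    mode: "0755"
    owner: root
    group: root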

# Just in case services were already added but not reloaded yet
#- name: Reload firewalld rules
#  shell: firewall-cmd --reload

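# Query firewalld for the services it already knows, one name per line, and
# register the result as `services` (consumed via services.stdout_lines).
# `set -o pipefail` makes the task fail when firewall-cmd itself fails; without
# it the exit status of `tr` would hide the error and the list would silently
# come back empty. pipefail is a bash feature, hence the explicit executable.
- name: Get list of existing firewalld services
  shell: |
    set -o pipefail
    firewall-cmd --get-services | tr ' ' '\n'
  args:
    executable: /bin/bash
  # Read-only query: never report a change.
  changed_when: false
  register: services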

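# Include firewall_service.yml once per *.xml file found directly under the
# role's files/firewalld directory. The `pipe` lookup runs the find command
# through a shell on the Ansible controller, so:
#   - the glob is quoted, otherwise the shell expands *.xml against its own
#     working directory before find ever sees it;
#   - role_path is passed through `quote` so an unusual path cannot be split or
#     interpreted by the shell;
#   - the -mindepth/-maxdepth options precede -name, as find expects.
# `select` drops the empty string that split() yields when find prints nothing.
- name: Configure missing firewalld services
  include_tasks: firewall_service.yml
  with_items: "{{ lookup('pipe', filesearch).split('\n') | select | list }}"
  vars:
    filesearch: "find {{ role_path | quote }}/files/firewalld -mindepth 1 -maxdepth 1 -name '*.xml'"
    # Service name = file name without its trailing .xml (anchored, so only the
    # extension is stripped).
    service: "{{ item | basename | regex_replace('\\.xml$', '') }}"
    # Services firewalld already knows, from the registered `services` result.
    servicelist: "{{ services.stdout_lines }}"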

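# Reload firewalld; presumably this makes service definitions added by the
# preceding include visible before they are enabled. Confirm against
# firewall_service.yml.
# The invocation uses no shell features, so `command` is used instead of
# `shell` to keep the arguments away from shell interpretation.
- name: Reload firewalld rules
  command: firewall-cmd --reload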

# Enable every service listed in firewall_enabled_services, both in the
# permanent configuration and in the running firewall.
# NOTE(review): the condition below is identical to the one on the
# MySQL/Galera task, so the requested services are opened only when
# ands_hostnet_db is set. Confirm this gating is intended and not a copy-paste.
- name: Enable requested services
  firewalld:
    service: "{{ item }}"
    state: enabled
    permanent: true
    immediate: true
  with_items: "{{ firewall_enabled_services }}"
  when: ands_hostnet_db | default(false)
 

# Open the mysql and galera firewalld services, permanently and in the running
# firewall, but only on hosts where ands_hostnet_db is set (default: false).
- name: Enable MySQL and Galera services if ands_hostnet_db is enabled
  firewalld:
    service: "{{ item }}"
    state: enabled
    permanent: true
    immediate: true
  with_items:
    - mysql
    - galera
  when: ands_hostnet_db | default(false)

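# Final reload after the services have been enabled.
# The invocation uses no shell features, so `command` is used instead of
# `shell` to keep the arguments away from shell interpretation.
- name: Reload firewalld rules
  command: firewall-cmd --reload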