summaryrefslogtreecommitdiffstats
path: root/roles/openshift_common/tasks/firewall.yml
diff options
context:
space:
mode:
Diffstat (limited to 'roles/openshift_common/tasks/firewall.yml')
-rw-r--r--roles/openshift_common/tasks/firewall.yml34
1 files changed, 34 insertions, 0 deletions
diff --git a/roles/openshift_common/tasks/firewall.yml b/roles/openshift_common/tasks/firewall.yml
new file mode 100644
index 000000000..514466769
--- /dev/null
+++ b/roles/openshift_common/tasks/firewall.yml
@@ -0,0 +1,34 @@
+---
+# TODO: Ansible 1.9 will eliminate the need for separate firewalld tasks for
+# enabling rules and making them permanent with the immediate flag
+- name: "Add firewalld allow rules"
+ firewalld:
+ port: "{{ item.port }}"
+ permanent: false
+ state: enabled
+ with_items: allow
+ when: allow is defined
+
+- name: "Persist firewalld allow rules"
+ firewalld:
+ port: "{{ item.port }}"
+ permanent: true
+ state: enabled
+ with_items: allow
+ when: allow is defined
+
+- name: "Remove firewalld allow rules"
+ firewalld:
+ port: "{{ item.port }}"
+ permanent: false
+ state: disabled
+ with_items: deny
+ when: deny is defined
+
+- name: "Persist removal of firewalld allow rules"
+ firewalld:
+ port: "{{ item.port }}"
+ permanent: true
+ state: disabled
+ with_items: deny
+ when: deny is defined
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-09 00:03:55 +0000