Diffstat (limited to 'roles/os_firewall')
-rw-r--r--roles/os_firewall/defaults/main.yml1
-rw-r--r--roles/os_firewall/tasks/firewall/firewalld.yml13
-rw-r--r--roles/os_firewall/tasks/firewall/iptables.yml16
-rw-r--r--roles/os_firewall/tasks/main.yml4
4 files changed, 7 insertions, 27 deletions
diff --git a/roles/os_firewall/defaults/main.yml b/roles/os_firewall/defaults/main.yml
index bcf1d9a34..e3176e611 100644
--- a/roles/os_firewall/defaults/main.yml
+++ b/roles/os_firewall/defaults/main.yml
@@ -1,2 +1,3 @@
---
+os_firewall_enabled: True
os_firewall_use_firewalld: True
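Review bot: `os_firewall_enabled` is added to the defaults without a comment, although the tasks/main.yml change in this same commit makes both includes skip when it is false, so the role then runs none of the tasks in firewalld.yml or iptables.yml. A line above it such as `# Set to false to skip every firewall task in this role; the host firewall is then left as found` would make that consequence visible to anyone overriding it in inventory. Lowercase `true` is the unambiguous boolean spelling, though the existing line below uses the same `True` form.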
diff --git a/roles/os_firewall/tasks/firewall/firewalld.yml b/roles/os_firewall/tasks/firewall/firewalld.yml
index cf2a2c733..ac4600f83 100644
--- a/roles/os_firewall/tasks/firewall/firewalld.yml
+++ b/roles/os_firewall/tasks/firewall/firewalld.yml
@@ -1,16 +1,7 @@
---
- name: Install firewalld packages
- yum:
- name: firewalld
- state: present
- when: ansible_pkg_mgr == "yum"
- register: install_result
-
-- name: Install firewalld packages
- dnf:
- name: firewalld
- state: present
- when: ansible_pkg_mgr == "dnf"
+ action: "{{ ansible_pkg_mgr }} name=firewalld state=present"
+ when: not openshift.common.is_containerized | bool
register: install_result
- name: Check if iptables-services is installed
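Review bot: The install guard here is `not openshift.common.is_containerized | bool`, while the matching install task in tasks/firewall/iptables.yml in this commit uses `not openshift.common.is_atomic | bool`, so the two firewall back ends skip package installation under different conditions. If the intent is to skip only where packages cannot be installed on the host, a containerized deployment on a regular host would presumably leave firewalld uninstalled while the following tasks, which begin at the last line of this hunk and continue outside it, still run. Consider using the same fact in both files, e.g. `when: not openshift.common.is_atomic | bool`, or add a comment explaining why they differ. Both guards also make the role depend on the `openshift.common` facts being set before it runs; whether that is guaranteed is not visible on this page.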
diff --git a/roles/os_firewall/tasks/firewall/iptables.yml b/roles/os_firewall/tasks/firewall/iptables.yml
index 36d51504c..5cf4bf7af 100644
--- a/roles/os_firewall/tasks/firewall/iptables.yml
+++ b/roles/os_firewall/tasks/firewall/iptables.yml
@@ -1,23 +1,11 @@
---
- name: Install iptables packages
- yum:
- name: "{{ item }}"
- state: present
+ action: "{{ ansible_pkg_mgr }} name={{ item }} state=present"
with_items:
- iptables
- iptables-services
- when: ansible_pkg_mgr == "yum"
- register: install_result
-
-- name: Install iptables packages
- dnf:
- name: "{{ item }}"
- state: present
- with_items:
- - iptables
- - iptables-services
- when: ansible_pkg_mgr == "dnf"
register: install_result
+ when: not openshift.common.is_atomic | bool
- name: Check if firewalld is installed
command: rpm -q firewalld
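Review bot: The module arguments are passed as one free-form string, `action: "{{ ansible_pkg_mgr }} name={{ item }} state=present"`, so the interpolated value is re-parsed as key=value text and an item containing a space or `=` would alter the arguments. The items are literals here, so nothing breaks today, but keeping only the module name in `action: "{{ ansible_pkg_mgr }}"` and moving the rest under `args:` as `name: "{{ item }}"` and `state: present` keeps the values as data. The same string form is used for the install task in tasks/firewall/firewalld.yml. The task list continues past the end of this hunk.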
diff --git a/roles/os_firewall/tasks/main.yml b/roles/os_firewall/tasks/main.yml
index ad89ef97c..076e5e311 100644
--- a/roles/os_firewall/tasks/main.yml
+++ b/roles/os_firewall/tasks/main.yml
@@ -1,6 +1,6 @@
---
- include: firewall/firewalld.yml
- when: os_firewall_use_firewalld
+ when: os_firewall_enabled | bool and os_firewall_use_firewalld | bool
- include: firewall/iptables.yml
- when: not os_firewall_use_firewalld
+ when: os_firewall_enabled | bool and not os_firewall_use_firewalld | bool
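Review bot: When `os_firewall_enabled` is false both includes are skipped, and the run output then shows only skipped tasks, so nothing records that the host firewall was deliberately left unmanaged. A short task at the end of this file, for example a `debug` with `msg: "os_firewall_enabled is false; firewall not managed by this role"` and `when: not os_firewall_enabled | bool`, would leave that decision in the play log for later audit.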