From 4f9b26e8af5890b7960291497020586426e7f1fc Mon Sep 17 00:00:00 2001
From: Kenny Woodson <kwoodson@redhat.com>
Date: Wed, 19 Jul 2017 08:51:14 -0400
Subject: First attempt at refactor of os_firewall

---
 roles/etcd/defaults/main.yaml | 11 +++++++++++
 1 file changed, 11 insertions(+)

(limited to 'roles/etcd/defaults/main.yaml')

diff --git a/roles/etcd/defaults/main.yaml b/roles/etcd/defaults/main.yaml
index c0d1d5946..4c8d63b4c 100644
--- a/roles/etcd/defaults/main.yaml
+++ b/roles/etcd/defaults/main.yaml
@@ -7,4 +7,15 @@ etcd_listen_peer_urls: "{{ etcd_peer_url_scheme }}://{{ etcd_ip }}:{{ etcd_peer_
 etcd_advertise_client_urls: "{{ etcd_url_scheme }}://{{ etcd_ip }}:{{ etcd_client_port }}"
 etcd_listen_client_urls: "{{ etcd_url_scheme }}://{{ etcd_ip }}:{{ etcd_client_port }}"
 
+etcd_client_port: 2379
+etcd_peer_port: 2380
+
 etcd_systemd_dir: "/etc/systemd/system/{{ etcd_service }}.service.d"
+r_etcd_os_firewall_deny: []
+r_etcd_os_firewall_allow:
+- service: etcd
+  port: "{{etcd_client_port}}/tcp"
+  cond: true
+- service: etcd peering
+  port: "{{ etcd_peer_port }}/tcp"
+  cond: true
-- 
cgit v1.2.3