Disable firewalld tasks
Disable firewall because python2 module is not avaible and the tasks fail which makes the playbooks fail and leads to handlers not being run. https://github.com/ansible/ansible/issues/24855 Signed-off-by: Florian Pritz <bluewind@xinu.at>
This commit is contained in:
parent
a960e513fc
commit
b847916c61
11 changed files with 15 additions and 1 deletions
4
group_vars/all/firewall.yml
Normal file
4
group_vars/all/firewall.yml
Normal file
|
@ -0,0 +1,4 @@
|
|||
---
|
||||
# disable firewall because python2 module is not avaible and the tasks fail
|
||||
# https://github.com/ansible/ansible/issues/24855
|
||||
configure_firewall: false
|
|
@ -230,6 +230,7 @@
|
|||
|
||||
- name: open firewall holes for rsync
|
||||
firewalld: service=rsyncd permanent=true state=enabled
|
||||
when: configure_firewall
|
||||
|
||||
- name: configure svnserve
|
||||
copy: dest=/etc/conf.d/svnserve content="SVNSERVE_ARGS=-R -r /srv/svn\n"
|
||||
|
@ -242,6 +243,7 @@
|
|||
|
||||
- name: open firewall holes for svnserve
|
||||
firewalld: port=3690/tcp permanent=true state=enabled
|
||||
when: configure_firewall
|
||||
|
||||
- name: install systemd timers
|
||||
copy: src={{ item }} dest=/etc/systemd/system/{{ item }} owner=root group=root mode=0644
|
||||
|
|
|
@ -27,3 +27,4 @@
|
|||
- pop3s
|
||||
- imap
|
||||
- imaps
|
||||
when: configure_firewall
|
||||
|
|
|
@ -53,3 +53,4 @@
|
|||
- name: open firewall holes to other infrastructure hosts
|
||||
firewalld: service=mysql permanent=true state="{{'disabled' if mariadb_skip_networking else 'enabled'}}" source={{item}}
|
||||
with_items: "{{ groups['all'] }}"
|
||||
when: configure_firewall
|
||||
|
|
|
@ -74,3 +74,4 @@
|
|||
with_items:
|
||||
- http
|
||||
- https
|
||||
when: configure_firewall
|
||||
|
|
|
@ -76,4 +76,4 @@
|
|||
with_items:
|
||||
- smtp
|
||||
- smtp-submission
|
||||
when: postfix_smtpd_public
|
||||
when: postfix_smtpd_public and configure_firewall
|
||||
|
|
|
@ -56,3 +56,4 @@
|
|||
- name: open firewall holes to known postgresql clients
|
||||
firewalld: service=postgresql permanent=true state=enabled source={{item}}
|
||||
with_items: "{{ postgres_ssl_hosts }}"
|
||||
when: configure_firewall
|
||||
|
|
|
@ -71,3 +71,4 @@
|
|||
|
||||
- name: open firewall holes
|
||||
firewalld: port=4242/tcp permanent=true state=enabled
|
||||
when: configure_firewall
|
||||
|
|
|
@ -22,3 +22,4 @@
|
|||
|
||||
- name: open firewall holes
|
||||
firewalld: service=ssh permanent=true state=enabled
|
||||
when: configure_firewall
|
||||
|
|
|
@ -56,3 +56,4 @@
|
|||
|
||||
- name: open firewall holes
|
||||
firewalld: service=rsyncd permanent=true state=enabled
|
||||
when: configure_firewall
|
||||
|
|
|
@ -71,3 +71,4 @@
|
|||
|
||||
- name: open firewall holes
|
||||
firewalld: service=zabbix-agent permanent=true state=enabled
|
||||
when: configure_firewall
|
||||
|
|
Loading…
Reference in a new issue