systems/dotfiles
1
Fork 0
Code Pull requests 1 Activity Actions

Remove firewall

Browse source 
Yes, really! Docker no like!
This commit is contained in:
Jake Howard 2021-02-23 17:53:56 +00:00
parent 7c9df74daf
commit 7e074231bd
Signed by: jake
GPG key ID: 57AFB45680EDD477
1 changed files with 0 additions and 43 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

43
tasks/security.yml
View file

@ -24,46 +24,3 @@
dest: "{{ home }}/.ssh/assh.yml" dest: "{{ home }}/.ssh/assh.yml"
mode: 0644 mode: 0644
owner: "{{ user }}" owner: "{{ user }}"
- name: Install Firewall
aur:
name: "{{ item }}"
become: true
become_user: aur_builder
loop:
- firewalld
- name: Enable firewalld
systemd:
name: firewalld
enabled: true
state: started
- name: Define firewall ports
set_fact:
requested_firewall_ports:
- 22/tcp # SSH
- 80/tcp # Web (crab)
- name: Get firewall ports
shell: firewall-cmd --list-ports
become: true
register: firewall_ports
changed_when: false
- name: Open firewall ports
ansible.posix.firewalld:
port: "{{ item }}"
permanent: true
immediate: true
state: enabled
loop: "{{ requested_firewall_ports }}"
- name: Close firewall ports
ansible.posix.firewalld:
port: "{{ item }}"
permanent: true
immediate: true
state: disabled
when: item and item not in requested_firewall_ports
loop: "{{ firewall_ports.stdout.split(' ') }}"