Remove firewall role
firewalld does not play nice with docker!
This commit is contained in:
parent
f2d7d63e2d
commit
e5e308fafa
GPG Key ID:
57AFB45680EDD477
|
|
@ -38,4 +38,3 @@
|
|||
- statping
|
||||
- socks-proxy
|
||||
- upload
|
||||
- firewall
|
||||
|
|
|
|||
|
|
@ -1,44 +0,0 @@
|
|||
- name: Install firewalld
|
||||
package:
|
||||
name: firewalld
|
||||
become: true
|
||||
|
||||
- name: Enable firewalld
|
||||
systemd:
|
||||
name: firewalld
|
||||
enabled: true
|
||||
state: started
|
||||
become: true
|
||||
|
||||
- name: Mark wireguard as internal traffic
|
||||
firewalld:
|
||||
source: "{{ wireguard.cidr }}"
|
||||
zone: trusted
|
||||
state: enabled
|
||||
permanent: true
|
||||
immediate: true
|
||||
become: true
|
||||
|
||||
- name: Get firewall ports
|
||||
shell: firewall-cmd --list-ports --zone public
|
||||
become: true
|
||||
register: firewall_ports
|
||||
|
||||
- name: Open firewall ports
|
||||
firewalld:
|
||||
port: "{{ item }}"
|
||||
permanent: true
|
||||
immediate: true
|
||||
state: enabled
|
||||
loop: "{{ requested_firewall_ports }}"
|
||||
become: true
|
||||
|
||||
- name: Close firewall ports
|
||||
firewalld:
|
||||
port: "{{ item }}"
|
||||
permanent: true
|
||||
immediate: true
|
||||
state: disabled
|
||||
when: item and item not in requested_firewall_ports
|
||||
loop: "{{ firewall_ports.stdout.split(' ') }}"
|
||||
become: true
|
||||
Loading…
Reference in New Issue
Block a user