Remove firewall role
firewalld does not play nice with docker!
This commit is contained in:
parent
f2d7d63e2d
commit
e5e308fafa
GPG key ID:
57AFB45680EDD477
2 changed files with 0 additions and 45 deletions
|
|
@ -38,4 +38,3 @@
|
||||||
- statping
|
- statping
|
||||||
- socks-proxy
|
- socks-proxy
|
||||||
- upload
|
- upload
|
||||||
- firewall
|
|
||||||
|
|
|
||||||
|
|
@ -1,44 +0,0 @@
|
||||||
- name: Install firewalld
|
|
||||||
package:
|
|
||||||
name: firewalld
|
|
||||||
become: true
|
|
||||||
|
|
||||||
- name: Enable firewalld
|
|
||||||
systemd:
|
|
||||||
name: firewalld
|
|
||||||
enabled: true
|
|
||||||
state: started
|
|
||||||
become: true
|
|
||||||
|
|
||||||
- name: Mark wireguard as internal traffic
|
|
||||||
firewalld:
|
|
||||||
source: "{{ wireguard.cidr }}"
|
|
||||||
zone: trusted
|
|
||||||
state: enabled
|
|
||||||
permanent: true
|
|
||||||
immediate: true
|
|
||||||
become: true
|
|
||||||
|
|
||||||
- name: Get firewall ports
|
|
||||||
shell: firewall-cmd --list-ports --zone public
|
|
||||||
become: true
|
|
||||||
register: firewall_ports
|
|
||||||
|
|
||||||
- name: Open firewall ports
|
|
||||||
firewalld:
|
|
||||||
port: "{{ item }}"
|
|
||||||
permanent: true
|
|
||||||
immediate: true
|
|
||||||
state: enabled
|
|
||||||
loop: "{{ requested_firewall_ports }}"
|
|
||||||
become: true
|
|
||||||
|
|
||||||
- name: Close firewall ports
|
|
||||||
firewalld:
|
|
||||||
port: "{{ item }}"
|
|
||||||
permanent: true
|
|
||||||
immediate: true
|
|
||||||
state: disabled
|
|
||||||
when: item and item not in requested_firewall_ports
|
|
||||||
loop: "{{ firewall_ports.stdout.split(' ') }}"
|
|
||||||
become: true
|
|
||||||
Loading…
Reference in a new issue