initial (#1) (5ce8fb73) · Commits · Tools / Ansible / Roles / Firewalld

README.md

+3 −1

Original line number	Diff line number	Diff line
		# ansible_role-template
		# ansible_role-firewalld

		Install & configure firewalld.

0 → 100644

+6 −0

Original line number	Diff line number	Diff line
		- name: (Re)start firewalld service
		ansible.builtin.systemd:
		state: restarted
		enabled: true
		daemon_reload: true
		name: "firewalld.service"

+4 −4

Original line number	Diff line number	Diff line
		collections: []
		dependencies: []
		galaxy_info:
		author: template
		description: template
		author: Dmitriy Safronov
		description: Install & configure firewalld.
		license: Apache-2.0
		min_ansible_version: "2.16"
		namespace: template
		role_name: template
		namespace: dmitriysafronov
		role_name: firewalld

0 → 100644

+25 −0

Original line number	Diff line number	Diff line
		---

		- name: Create override directory for firewalld systemd service
		ansible.builtin.file:
		path: "/etc/systemd/system/firewalld.service.d"
		state: directory
		mode: '0755'
		owner: root
		group: root

		- name: Create override file for firewalld systemd service
		ansible.builtin.template:
		src: firewalld.override.j2
		dest: "/etc/systemd/system/firewalld.service.d/localhost_ssh.conf"
		mode: '0644'
		owner: root
		group: root
		notify: (Re)start firewalld service

		- name: Install firewall packages
		ansible.builtin.package:
		name:
		- firewalld
		- python3-firewall
		state: present

0 → 100644

+6 −0

Original line number	Diff line number	Diff line
		{{ ansible_managed \| comment }}

		[Service]
		ExecStartPost=-/usr/bin/firewall-cmd --permanent --zone=trusted --add-interface=lo
		ExecStartPost=-/usr/bin/firewall-cmd --permanent --add-port={{ ansible_port \| default('22') }}/tcp
		ExecStartPost=-/usr/bin/firewall-cmd --reload