diff --git a/roles/common/tasks/firewall_Ubuntu.yml b/roles/common/tasks/firewall_Ubuntu.yml index 88c64b5..6486558 100644 --- a/roles/common/tasks/firewall_Ubuntu.yml +++ b/roles/common/tasks/firewall_Ubuntu.yml @@ -4,9 +4,6 @@ # Ubuntu 16.04 will use firewalld with the iptables backend. - block: - - include_tasks: firewall_Ubuntu_cleanup.yml - when: ansible_distribution_version is version('20.04', '==') - - name: Set Ubuntu firewall packages when: ansible_distribution_version is version('20.04', '<') set_fact: diff --git a/roles/common/tasks/firewall_Ubuntu_cleanup.yml b/roles/common/tasks/firewall_Ubuntu_cleanup.yml deleted file mode 100644 index 35e1375..0000000 --- a/roles/common/tasks/firewall_Ubuntu_cleanup.yml +++ /dev/null @@ -1,40 +0,0 @@ ---- -# Clean up previous firewalld configuration on Ubuntu 20.04, now that we are -# migrating to a pure nftables configuration. - -- name: Stop and disable firewalld - systemd: name=nftables state=stopped enabled=no - -- name: Set Ubuntu firewall packages to remove - set_fact: - ubuntu_firewall_packages: - - firewalld - - tidy - -- name: Remove old firewall packages - apt: pkg={{ ubuntu_firewall_packages }} state=absent - -- name: Remove old firewalld zone and ipsets - file: dest={{ item }} state=absent - loop: - - /etc/firewalld/zones/public.xml - - /etc/firewalld/ipsets/abusers-ipv4.xml - - /etc/firewalld/ipsets/abusers-ipv6.xml - - /etc/firewalld/ipsets/spamhaus-ipv4.xml - - /etc/firewalld/ipsets/spamhaus-ipv6.xml - -- name: Stop and disable old Spamhaus firewalld systemd timer - systemd: name=update-spamhaus-lists.timer state=stopped enabled=no - -- name: Remove old Spamhaus firewalld update script and systemd units - file: dest={{ item }} state=absent - loop: - - /usr/local/bin/update-spamhaus-lists.sh - - /etc/systemd/system/update-spamhaus-lists.service - - /etc/systemd/system/update-spamhaus-lists.timer - -# need to reload to pick up service/timer/environment changes -- name: Reload systemd daemon - systemd: daemon_reload=yes - -# vim: set sw=2 ts=2: