roles/common: Separate firewalld tasks for Ubuntu and Debian
Signed-off-by: Alan Orth <alan.orth@gmail.com>
This commit is contained in:
parent
18ca44193d
commit
9266d48c9f
GPG Key ID:
0FB860CC9C45B1B9
|
|
@ -1,33 +1,17 @@
|
|||
---
|
||||
- name: Install iptables-persistent
|
||||
when: ansible_distribution_version == '14.04'
|
||||
apt: pkg=iptables-persistent update_cache=yes
|
||||
|
||||
- name: Copy /etc/iptables/rules.v4
|
||||
when: ansible_distribution_version == '14.04'
|
||||
template: src=iptables.j2 dest=/etc/iptables/rules.v4 owner=root mode=0600
|
||||
notify:
|
||||
- restart iptables-persistent
|
||||
|
||||
- name: Copy /etc/iptables/rules.v6
|
||||
when: ansible_distribution_version == '14.04'
|
||||
template: src=ip6tables.j2 dest=/etc/iptables/rules.v6 owner=root group=root mode=0600
|
||||
notify:
|
||||
- restart iptables-persistent
|
||||
|
||||
- name: Install firewalld and deps
|
||||
when: ansible_distribution_version == '15.04'
|
||||
when: ansible_distribution_major_version == '8'
|
||||
apt: pkg={{ item }} state=latest
|
||||
with_items:
|
||||
- firewalld
|
||||
- tidy
|
||||
|
||||
- name: Copy firewalld public zone file
|
||||
when: ansible_distribution_version == '15.04'
|
||||
when: ansible_distribution_major_version == '8'
|
||||
template: src=public.xml.j2 dest=/etc/firewalld/zones/public.xml owner=root mode=0600
|
||||
|
||||
- name: Format public.xml firewalld zone file
|
||||
when: ansible_distribution_version == '15.04'
|
||||
when: ansible_distribution_major_version == '8'
|
||||
shell: tidy -xml -iq -m -w 0 /etc/firewalld/zones/public.xml
|
||||
notify:
|
||||
- restart firewalld
|
||||
|
|
|
|||
|
|
@ -0,0 +1,33 @@
|
|||
---
|
||||
- name: Install iptables-persistent
|
||||
when: ansible_distribution_version == '14.04'
|
||||
apt: pkg=iptables-persistent update_cache=yes
|
||||
|
||||
- name: Copy /etc/iptables/rules.v4
|
||||
when: ansible_distribution_version == '14.04'
|
||||
template: src=iptables.j2 dest=/etc/iptables/rules.v4 owner=root mode=0600
|
||||
notify:
|
||||
- restart iptables-persistent
|
||||
|
||||
- name: Copy /etc/iptables/rules.v6
|
||||
when: ansible_distribution_version == '14.04'
|
||||
template: src=ip6tables.j2 dest=/etc/iptables/rules.v6 owner=root group=root mode=0600
|
||||
notify:
|
||||
- restart iptables-persistent
|
||||
|
||||
- name: Install firewalld and deps
|
||||
when: ansible_distribution_version == '15.04'
|
||||
apt: pkg={{ item }} state=latest
|
||||
with_items:
|
||||
- firewalld
|
||||
- tidy
|
||||
|
||||
- name: Copy firewalld public zone file
|
||||
when: ansible_distribution_version == '15.04'
|
||||
template: src=public.xml.j2 dest=/etc/firewalld/zones/public.xml owner=root mode=0600
|
||||
|
||||
- name: Format public.xml firewalld zone file
|
||||
when: ansible_distribution_version == '15.04'
|
||||
shell: tidy -xml -iq -m -w 0 /etc/firewalld/zones/public.xml
|
||||
notify:
|
||||
- restart firewalld
|
||||
|
|
@ -16,8 +16,12 @@
|
|||
when: ansible_distribution == 'Debian'
|
||||
tags: packages
|
||||
|
||||
- include: iptables_Ubuntu.yml
|
||||
when: ansible_distribution == 'Ubuntu'
|
||||
tags: firewall
|
||||
|
||||
- include: iptables_Debian.yml
|
||||
when: ansible_os_family == 'Debian'
|
||||
when: ansible_distribution == 'Debian'
|
||||
tags: firewall
|
||||
|
||||
- include: sshd.yml
|
||||
|
|
|
|||
Loading…
Reference in New Issue