From ab27caf877bde9dccbdba6ada849b930c7963a14 Mon Sep 17 00:00:00 2001 From: Alan Orth Date: Wed, 25 Apr 2018 18:58:31 +0300 Subject: [PATCH] roles/common: Use dynamic include_tasks for firewall Use dynamic includes instead of static imports when you are running tasks conditionally or using variable interpolation. The down side is that you need to then tag the parent task as well as all child tasks, as tags only apply to children of statically imported tasks. --- roles/common/tasks/firewall_Debian.yml | 6 +++++- roles/common/tasks/firewall_Ubuntu.yml | 6 +++++- roles/common/tasks/main.yml | 4 ++-- 3 files changed, 12 insertions(+), 4 deletions(-) diff --git a/roles/common/tasks/firewall_Debian.yml b/roles/common/tasks/firewall_Debian.yml index 7d0cff1..4f4580a 100644 --- a/roles/common/tasks/firewall_Debian.yml +++ b/roles/common/tasks/firewall_Debian.yml @@ -5,16 +5,20 @@ loop: - firewalld - tidy - tags: packages + tags: + - packages + - firewall - name: Copy firewalld public zone file when: ansible_distribution_major_version is version_compare('8', '>=') template: src=public.xml.j2 dest=/etc/firewalld/zones/public.xml owner=root mode=0600 + tags: firewall - name: Format public.xml firewalld zone file when: ansible_distribution_major_version is version_compare('8', '>=') command: tidy -xml -iq -m -w 0 /etc/firewalld/zones/public.xml notify: - reload firewalld + tags: firewall # vim: set sw=2 ts=2: diff --git a/roles/common/tasks/firewall_Ubuntu.yml b/roles/common/tasks/firewall_Ubuntu.yml index 498b97c..f2ddd07 100644 --- a/roles/common/tasks/firewall_Ubuntu.yml +++ b/roles/common/tasks/firewall_Ubuntu.yml @@ -5,16 +5,20 @@ loop: - firewalld - tidy - tags: packages + tags: + - packages + - firewall - name: Copy firewalld public zone file when: ansible_distribution_version is version_compare('15.04', '>=') template: src=public.xml.j2 dest=/etc/firewalld/zones/public.xml owner=root mode=0600 + tags: firewall - name: Format public.xml firewalld zone file when: ansible_distribution_version is version_compare('15.04', '>=') command: tidy -xml -iq -m -w 0 /etc/firewalld/zones/public.xml notify: - reload firewalld + tags: firewall # vim: set sw=2 ts=2: diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml index 1cc39c3..e6181b5 100644 --- a/roles/common/tasks/main.yml +++ b/roles/common/tasks/main.yml @@ -18,12 +18,12 @@ tags: packages - name: Configure firewall - import_tasks: firewall_Debian.yml + include_tasks: firewall_Debian.yml when: ansible_distribution == 'Debian' tags: firewall - name: Configure firewall - import_tasks: firewall_Ubuntu.yml + include_tasks: firewall_Ubuntu.yml when: ansible_distribution == 'Ubuntu' tags: firewall