Alan Orth
201165cff6
I have added cache_valid_time=3600 for the first task in each tag that could be possibly running apt-related commands. For ex, the "nginx" tag is also in the "packages" tag, but sometimes you run the nginx tag by itself (perhaps repeatadely), so you'd want to limit the update unless the cache was 1 hour old
19 lines
594 B
YAML
19 lines
594 B
YAML
---
|
|
- name: Install firewalld and deps
|
|
when: ansible_distribution_major_version == '8'
|
|
apt: pkg={{ item }} state=latest update_cache=yes cache_valid_time=3600
|
|
with_items:
|
|
- firewalld
|
|
- tidy
|
|
tags: packages
|
|
|
|
- name: Copy firewalld public zone file
|
|
when: ansible_distribution_major_version == '8'
|
|
template: src=public.xml.j2 dest=/etc/firewalld/zones/public.xml owner=root mode=0600
|
|
|
|
- name: Format public.xml firewalld zone file
|
|
when: ansible_distribution_major_version == '8'
|
|
shell: tidy -xml -iq -m -w 0 /etc/firewalld/zones/public.xml
|
|
notify:
|
|
- restart firewalld
|