mariadb: do not open holes in the firewall for mariadb

We always run mariadb on the host where the service is located which requires a mariadb database.

mariadb: do not open holes in the firewall for mariadb
We always run mariadb on the host where the service is located which requires a mariadb database.
d09500ca · Jelle van der Waa · 0d2e6e50 · d09500ca
Commit d09500ca authored Nov 24, 2019 by Jelle van der Waa 🚧
--- a/roles/mariadb/tasks/main.yml
+++ b/roles/mariadb/tasks/main.yml
@@ -46,12 +46,3 @@

 - name: install zabbix mysql config
  template: src=zabbix_agentd.my.cnf.j2 dest=/etc/zabbix/zabbix_agentd.my.cnf owner=zabbix-agent group=zabbix-agent mode=0600
-
-  # the source addresses here could be tightened up more, but it's far better
-  # than having mariadb open to the world
- name: open firewall holes to other infrastructure hosts
-  firewalld: service=mysql permanent=true state="{{'disabled' if mariadb_skip_networking else 'enabled'}}" source={{item}} immediate=yes
-  with_items: "{{ groups['all'] }}"
-  when: configure_firewall
-  tags:
-    - firewall