From e803a785e5207dfaa8d469b9e74c39f69af0ffad Mon Sep 17 00:00:00 2001
From: Evangelos Foutras <evangelos@foutrelis.com>
Date: Sun, 16 Oct 2022 20:45:57 +0300
Subject: [PATCH] keycloak: remove redundant firewall port opening

The nginx role already enables the http and https services.
---
 roles/keycloak/tasks/main.yml | 9 ---------
 1 file changed, 9 deletions(-)

diff --git a/roles/keycloak/tasks/main.yml b/roles/keycloak/tasks/main.yml
index c00785d7a..910218adc 100644
--- a/roles/keycloak/tasks/main.yml
+++ b/roles/keycloak/tasks/main.yml
@@ -50,15 +50,6 @@
       notify:
         - Daemon reload
 
-- name: Open firewall hole
-  ansible.posix.firewalld: port={{ item }} permanent=true state=enabled immediate=yes
-  when: configure_firewall
-  with_items:
-    - 80/tcp
-    - 443/tcp
-  tags:
-    - firewall
-
 - name: Create htpasswd for nginx prometheus endpoint
   htpasswd:
     path: "{{ keycloak_nginx_htpasswd }}"
-- 
GitLab