Verified Commit b847916c authored by Florian Pritz's avatar Florian Pritz
Browse files

Disable firewalld tasks

Disable firewall because python2 module is not avaible and the tasks
fail which makes the playbooks fail and leads to handlers not being run.

https://github.com/ansible/ansible/issues/24855

Signed-off-by: Florian Pritz's avatarFlorian Pritz <bluewind@xinu.at>
parent a960e513
---
# disable firewall because python2 module is not avaible and the tasks fail
# https://github.com/ansible/ansible/issues/24855
configure_firewall: false
......@@ -230,6 +230,7 @@
- name: open firewall holes for rsync
firewalld: service=rsyncd permanent=true state=enabled
when: configure_firewall
- name: configure svnserve
copy: dest=/etc/conf.d/svnserve content="SVNSERVE_ARGS=-R -r /srv/svn\n"
......@@ -242,6 +243,7 @@
- name: open firewall holes for svnserve
firewalld: port=3690/tcp permanent=true state=enabled
when: configure_firewall
- name: install systemd timers
copy: src={{ item }} dest=/etc/systemd/system/{{ item }} owner=root group=root mode=0644
......
......@@ -27,3 +27,4 @@
- pop3s
- imap
- imaps
when: configure_firewall
......@@ -53,3 +53,4 @@
- name: open firewall holes to other infrastructure hosts
firewalld: service=mysql permanent=true state="{{'disabled' if mariadb_skip_networking else 'enabled'}}" source={{item}}
with_items: "{{ groups['all'] }}"
when: configure_firewall
......@@ -74,3 +74,4 @@
with_items:
- http
- https
when: configure_firewall
......@@ -76,4 +76,4 @@
with_items:
- smtp
- smtp-submission
when: postfix_smtpd_public
when: postfix_smtpd_public and configure_firewall
......@@ -56,3 +56,4 @@
- name: open firewall holes to known postgresql clients
firewalld: service=postgresql permanent=true state=enabled source={{item}}
with_items: "{{ postgres_ssl_hosts }}"
when: configure_firewall
......@@ -71,3 +71,4 @@
- name: open firewall holes
firewalld: port=4242/tcp permanent=true state=enabled
when: configure_firewall
......@@ -22,3 +22,4 @@
- name: open firewall holes
firewalld: service=ssh permanent=true state=enabled
when: configure_firewall
......@@ -56,3 +56,4 @@
- name: open firewall holes
firewalld: service=rsyncd permanent=true state=enabled
when: configure_firewall
......@@ -71,3 +71,4 @@
- name: open firewall holes
firewalld: service=zabbix-agent permanent=true state=enabled
when: configure_firewall
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment