# Start firewalld now and enable it at boot, so the zone and port rules
# set by the following tasks are enforced on the running host and
# again after a reboot.
- name: Ensure firewalld is enabled
  service:
    name: firewalld
    state: started
    enabled: true
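# Bind eth1 to the firewalld "external" zone, in the running
# configuration (immediate) and in the saved one (permanent).
# NOTE(review): the stock "external" zone has masquerading enabled and
# allows the ssh service; this task changes neither. Confirm both are
# wanted on this interface.
# NOTE(review): the zone follows the interface name. Confirm eth1 is
# pinned to the outward-facing NIC on every target host, otherwise the
# internal-only ports end up on the wrong side.
- name: Set external interface
  firewalld:
    zone: external
    interface: eth1
    state: enabled
    # Canonical booleans, matching `enabled: true` in the service task.
    permanent: true
    immediate: true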
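# Bind eth2 to the firewalld "internal" zone, in the running
# configuration (immediate) and in the saved one (permanent).
# NOTE(review): the stock "internal" zone already allows a set of
# predefined services (ssh among them); this task does not remove
# them. Review the zone's service list if only the ports opened in
# this file should be reachable.
# NOTE(review): the zone follows the interface name. Confirm eth2 is
# pinned to the inward-facing NIC on every target host.
- name: Set internal interface
  firewalld:
    zone: internal
    interface: eth2
    state: enabled
    # Canonical booleans, matching `enabled: true` in the service task.
    permanent: true
    immediate: true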
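# Open each listed TCP port in its zone, at runtime (immediate) and in
# the saved configuration (permanent). The task only adds ports; ports
# or services already allowed in a zone stay open.
# Exposure as written: 80, 443 and 6443 are reachable from both zones;
# 22623 and 8000 are reachable from the internal zone only.
# NOTE(review): 6443 and 22623 look like a Kubernetes/OpenShift API
# and machine-config endpoint. If so, 22623 hands out node bootstrap
# configuration and must stay internal-only. Confirm against the
# services actually running before adding an external entry.
- name: Open firewalld ports
  firewalld:
    zone: "{{ item.zone }}"
    port: "{{ item.port }}"
    state: enabled
    # Canonical booleans, matching `enabled: true` in the service task.
    permanent: true
    immediate: true
  loop:
    - zone: external
      port: 80/tcp
    - zone: external
      port: 443/tcp
    - zone: internal
      port: 80/tcp
    - zone: internal
      port: 443/tcp
    - zone: internal
      port: 22623/tcp
    - zone: internal
      port: 8000/tcp
    - zone: internal
      port: 6443/tcp
    - zone: external
      port: 6443/tcp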