36 lines
906 B
YAML
36 lines
906 B
YAML
# IF YOU ARE USING $tasks/base.yml this is redundant
|
|
# this is split out only for some of the cloud boxes
|
|
|
|
- name: install iptables if not installed
|
|
yum: name=iptables state=present
|
|
when: ansible_distribution == 'RedHat'
|
|
tags:
|
|
- iptables
|
|
- packages
|
|
|
|
- name: install iptables-services if not installed
|
|
yum: name=iptables-services state=present
|
|
when: ansible_distribution == 'Fedora'
|
|
tags:
|
|
- iptables
|
|
- packages
|
|
|
|
- name: iptables service enabled
|
|
service: name=iptables state=running enabled=true
|
|
tags:
|
|
- iptables
|
|
- service
|
|
|
|
- name: iptables
|
|
action: template src=$item dest=/etc/sysconfig/iptables mode=600 backup=yes
|
|
with_first_found:
|
|
- $iptables
|
|
- $files/iptables/iptables.${ansible_fqdn}
|
|
- $files/iptables/iptables.${host_group}
|
|
- $files/iptables/iptables.${env}
|
|
- $files/iptables/iptables
|
|
notify:
|
|
- restart iptables
|
|
tags:
|
|
- iptables
|
|
- config
|