firewall-rules.yml 1.54 KiB
#!/usr/bin/env ansible-playbook
---
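# Bootstrap play: make sure every managed host has a Python interpreter,
# then collect facts for it.
- name: GATHER ALL FACTS
  hosts: all
  # Implicit fact gathering runs the setup module before any task, and setup
  # needs Python on the target. Turn it off so the raw bootstrap task can run
  # first on hosts that have no python3 yet; facts are gathered explicitly below.
  gather_facts: false
  tasks:
    - name: ensure python3 is installed
      # raw sends the command line over the connection without a module
      # wrapper, so it works on a host that has no Python.
      # NOTE(review): `||` and `&&` have equal precedence and are evaluated left
      # to right, so `apt update` and `apt install` run on every execution, also
      # when python3 is already present; only the es_pyinstall marker is
      # conditional.
      # NOTE(review): apt needs root and no `become` is set in this play;
      # presumably the connection user is root. Confirm against the inventory.
      ansible.builtin.raw: command -v python3 || echo es_pyinstall && apt update && apt install -y python3-minimal python3-apt iproute2
      register: python_install
      # Report "changed" only when the marker line was printed, i.e. python3
      # was missing before this run.
      changed_when: "'es_pyinstall' in python_install.stdout_lines"
      tags: always

    - name: gather facts once python3 is available
      ansible.builtin.setup:
      # Implicit fact gathering runs regardless of tag selection; keep that
      # behaviour for the explicit task.
      tags: always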
# Load the firewall rule definitions, then include listen.yml once for every
# entry of `listen` whose group contains the current host.
- name: SET PORTS TO LISTEN
  gather_facts: false
  hosts: all
  tasks:
    - name: Set vars
      ansible.builtin.include_vars:
        file: ressources/firewall/rules.yml

    - name: listen ports
      # `listen` is presumably defined in rules.yml (loaded above); each element
      # is handed to the included tasks under the name outer_item.
      loop: "{{ listen }}"
      loop_control:
        loop_var: outer_item
      # Conditions in a list are ANDed and checked in order: the group must
      # exist in the inventory, and this host must be a member of it.
      # An entry whose groupname matches no inventory group is skipped, not
      # failed, so a misspelled group name in the rules file goes unnoticed.
      when:
        - outer_item.groupname in groups
        - inventory_hostname in groups[outer_item.groupname]
      ansible.builtin.include_tasks: ressources/firewall/listen.yml
# Load the firewall rule definitions, then include test-rule.yml once for every
# entry of `test` whose source group contains the current host.
- name: TEST FIREWALL RULES
  gather_facts: false
  hosts: all
  tasks:
    - name: Set vars
      ansible.builtin.include_vars:
        file: ressources/firewall/rules.yml

    - name: test rules
      # `test` is presumably defined in rules.yml (loaded above); each element
      # is handed to the included tasks under the name outer_item.
      loop: "{{ test }}"
      loop_control:
        loop_var: outer_item
      # Conditions in a list are ANDed and checked in order: the source group
      # must exist in the inventory, and this host must be a member of it.
      # An entry whose groupname_src matches no inventory group is skipped, not
      # failed; a run in which every item is skipped has verified no rule, so
      # check the skipped count before treating the result as a pass.
      when:
        - outer_item.groupname_src in groups
        - inventory_hostname in groups[outer_item.groupname_src]
      ansible.builtin.include_tasks: ressources/firewall/test-rule.yml