From 6587392d3d6ed6c397b6ebf0aa3b9fac662307aa Mon Sep 17 00:00:00 2001 From: Christophe Robin Date: Tue, 6 Oct 2015 12:01:36 +0900 Subject: [PATCH 1/2] Add a flag to disable firewall --- defaults/main.yml | 1 + tasks/main.yml | 8 +++++--- 2 files changed, 6 insertions(+), 3 deletions(-) create mode 100644 defaults/main.yml diff --git a/defaults/main.yml b/defaults/main.yml new file mode 100644 index 0000000..989ce5c --- /dev/null +++ b/defaults/main.yml @@ -0,0 +1 @@ +firewall_enabled: true \ No newline at end of file diff --git a/tasks/main.yml b/tasks/main.yml index 536903d..f5cc384 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,8 +1,8 @@ - include: centos.yml - when: ansible_distribution == 'CentOS' + when: firewall_enabled and ansible_distribution == 'CentOS' - include: debian.yml - when: ansible_distribution == 'Debian' + when: firewall_enabled and ansible_distribution == 'Debian' - name: "Ensure the iptables.d directory exists" file: > @@ -11,6 +11,7 @@ mode=0700 owner=root group=root + when: firewall_enabled tags: - firewall @@ -22,6 +23,7 @@ backup=no owner=root group=root + when: firewall_enabled register: firewall_rule tags: - firewall @@ -30,6 +32,6 @@ - name: "Reload the firewall" firewall: > state=reloaded - when: firewall_rule|changed + when: firewall_enabled and firewall_rule|changed tags: - firewall From 4cdc542c3b58564c10111270a91f68aa30cd562c Mon Sep 17 00:00:00 2001 From: Frank Lee Date: Fri, 18 Dec 2015 14:01:56 +0900 Subject: [PATCH 2/2] add bool --- tasks/main.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/tasks/main.yml b/tasks/main.yml index f5cc384..d34868f 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,8 +1,8 @@ - include: centos.yml - when: firewall_enabled and ansible_distribution == 'CentOS' + when: firewall_enabled|bool and ansible_distribution == 'CentOS' - include: debian.yml - when: firewall_enabled and ansible_distribution == 'Debian' + when: firewall_enabled|bool and ansible_distribution == 'Debian' - name: "Ensure the iptables.d directory exists" file: > @@ -11,7 +11,7 @@ mode=0700 owner=root group=root - when: firewall_enabled + when: firewall_enabled|bool tags: - firewall @@ -23,7 +23,7 @@ backup=no owner=root group=root - when: firewall_enabled + when: firewall_enabled|bool register: firewall_rule tags: - firewall @@ -32,6 +32,6 @@ - name: "Reload the firewall" firewall: > state=reloaded - when: firewall_enabled and firewall_rule|changed + when: firewall_enabled|bool and firewall_rule|changed tags: - firewall