| 123456789101112131415161718192021222324252627282930313233343536373839404142434445 |
- ---
- - name: Ensure firewalld service is not enabled
- systemd:
- name: firewalld
- state: stopped
- enabled: no
- masked: yes
- register: task_result
- failed_when:
- - task_result is failed
- - ('could not' not in task_result.msg|lower)
- - name: Wait 10 seconds after disabling firewalld
- pause:
- seconds: 10
- when: task_result is changed
- - name: Install iptables packages
- package:
- name: "{{ item }}"
- state: present
- with_items:
- - iptables
- - iptables-services
- when: not r_os_firewall_is_atomic | bool
- register: result
- until: result is succeeded
- - name: Start and enable iptables service
- systemd:
- name: iptables
- state: started
- enabled: yes
- masked: no
- daemon_reload: yes
- register: result
- delegate_to: "{{item}}"
- run_once: true
- with_items: "{{ ansible_play_batch }}"
- - name: need to pause here, otherwise the iptables service starting can sometimes cause ssh to fail
- pause:
- seconds: 10
- when: result is changed
|
