+firewall tag

ImNtReal · Feb 7, 2022 · 89032ad · 89032ad
1 parent 6789d1f
commit 89032ad
Show file tree

Hide file tree

Showing 2 changed files with 26 additions and 0 deletions.
diff --git a/tasks/firewall_rules.yml b/tasks/firewall_rules.yml
@@ -2,14 +2,20 @@
 - name: set epic_firewall_short
   ansible.builtin.set_fact:
     epic_firewall_short: "{{ item['name'] }}"
+  tags:
+    - firewall
 
 - name: set epic_firewall_description
   ansible.builtin.set_fact:
     epic_firewall_description: "{{ item['description'] }}"
+  tags:
+    - firewall
 
 - name: set epic_firewall_ports
   ansible.builtin.set_fact:
     epic_firewall_ports: "{{ item['ports'] }}"
+  tags:
+    - firewall
 
 - name: copy {{ epic_firewall_short }} firewall rule
   ansible.builtin.template:
@@ -18,3 +24,5 @@
     owner: root
     group: root
     mode: 0660
+  tags:
+    - firewall
diff --git a/tasks/main.yml b/tasks/main.yml
@@ -55,6 +55,8 @@
       - dstat
     state: present
   when: ansible_facts['distribution_major_version'] < '8'
+  tags:
+    - firewall
 
 - name: ensure packges needed for Epic and role are installed
   ansible.builtin.dnf:
@@ -84,6 +86,8 @@
       - bcc-tools
     state: present
   when: ansible_facts['distribution_major_version'] > '7'
+  tags:
+    - firewall
 
 ### Post package install tasks
 - name: gather package facts
@@ -425,25 +429,35 @@
 ### Setup firewall rules
 - name: refresh service facts
   service_facts:
+  tags:
+    - firewall
 
 - name: start firewalld
   ansible.builtin.systemd:
     name: firewalld
     state: started
     enabled: true
   when: ansible_env['container'] is not defined
+  tags:
+    - firewall
 
 - name: Setup firewall rules
   include_tasks: firewall_rules.yml
   loop: "{{ odb_firewalld_services }}"
+  tags:
+    - firewall
 
 - name: refresh service facts
   service_facts:
+  tags:
+    - firewall
 
 - name: reload firewalld
   command: firewall-cmd --reload
   changed_when: false
   when: ansible_facts['services']['firewalld.service']['state'] == 'running'
+  tags:
+    - firewall
 
 - name: enable dynamic Epic firewall rules
   ansible.posix.firewalld:
@@ -453,13 +467,17 @@
     state: enabled
   loop: "{{ odb_firewalld_services }}"
   when: ansible_facts['services']['firewalld.service']['state'] == 'running'
+  tags:
+    - firewall
 
 - name: Enable SFTP port on firewall
   ansible.posix.firewalld:
     port: 2222/tcp
     permanent: true
     state: enabled
   when: ansible_facts['services']['firewalld.service']['state'] == 'running'
+  tags:
+    - firewall
 
 ### Get status of /etc/vmware-tools before trying to copy file there
 - name: get status of /etc/vmware-tools directory