Configure firewall in Ansible

QuLogic · QuLogic · commit d83f873a5244 · 2022-03-11T01:35:22.000-05:00
diff --git a/collections/requirements.yml b/collections/requirements.yml
@@ -1,4 +1,5 @@
 ---
 collections:
+  - name: ansible.posix
   - name: community.general
   - name: community.digitalocean
diff --git a/matplotlib.org.yml b/matplotlib.org.yml
@@ -51,6 +51,38 @@
           - podman
         state: present
 
+    # Firewall setup
+    # ##############
+    - name: Enable firewall
+      ansible.builtin.systemd:
+        name: firewalld.service
+        enabled: true
+        state: started
+
+    - name: Allow SSH on firewall
+      ansible.posix.firewalld:
+        service: ssh
+        permanent: true
+        immediate: true
+        offline: true
+        state: enabled
+
+    - name: Allow HTTP on firewall
+      ansible.posix.firewalld:
+        service: http
+        permanent: true
+        immediate: true
+        offline: true
+        state: enabled
+
+    - name: Allow HTTPS on firewall
+      ansible.posix.firewalld:
+        service: https
+        permanent: true
+        immediate: true
+        offline: true
+        state: enabled
+
     # Prepare and clone Git repositories
     # ##################################
     - name: Create Git repository directories
