Update firewall.yml

lpwoodhouse · Oct 14, 2022 · 98b7433 · 98b7433
1 parent e4335bc
commit 98b7433
Showing 1 changed file with 27 additions and 17 deletions.
diff --git a/tasks/firewall.yml b/tasks/firewall.yml
@@ -1,25 +1,35 @@
 ---
-- name: enable ports in firewalld
-  firewalld:
-    port: "{{ item }}/tcp"
-    permanent: true
-    state: enabled
-    immediate: true
-  loop:
-    - "{{ zbx_passive_port }}"
-    - "{{ zbx_active_port }}"
+- block:
+  - name: enable ports in firewalld
+    firewalld:
+      port: "{{ item }}/tcp"
+      permanent: true
+      state: enabled
+      immediate: true
+    loop:
+      - "{{ zbx_passive_port }}"
+      - "{{ zbx_active_port }}"
+
+    - command: firewall-cmd --list-all
+      register: firewalld_status
+    - debug: msg={{ firewalld_status }}
+
   when:
     - "'firewalld' in ansible_facts.packages"
     - ansible_facts.services['firewalld']['state'] == 'running'
 
-- name: allow ports in ufw
-  shell: |
-    'ufw allow in {{ zbx_passive_port }}/tcp' \
-    'ufw allow out {{ zbx_active_port }}/tcp'
+- block:
+  - name: allow ports in ufw
+    command: "{{ item }}"
+    loop:
+      - 'ufw allow in {{ zbx_passive_port }}/tcp'
+      - 'ufw allow out {{ zbx_active_port }}/tcp'
+
+  - shell: ufw status verbose
+    register: ufw_status
+  - debug: msg={{ ufw_status }}
+
   when:
     - "'ufw' in ansible_facts.packages"
     - ansible_facts.services['ufw']['state'] == 'running'
-
-- shell: ufw status
-  regist: ufw_status
-- debug: msg={{ ufw_status }}
+