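# Read the current default zone first, so the change below runs (and reports
# "changed") only when the host differs from the desired state. An
# unconditional command task reports "changed" on every run, which hides real
# firewall drift in the play recap.
- name: Read current default firewalld zone
  ansible.builtin.command:
    argv:
      - firewall-cmd
      - --get-default-zone
  register: firewalld_default_zone
  changed_when: false
  # Read-only query: run it in check mode too so the condition below has data.
  check_mode: false
  become: true

# --set-default-zone is a runtime and permanent change. Interfaces and
# connections without an explicit zone binding follow the default zone, so
# this also decides what any unbound interface will accept.
- name: Set default firewalld zone to home
  ansible.builtin.command:
    argv:
      - firewall-cmd
      - --set-default-zone=home
  when: firewalld_default_zone.stdout | trim != 'home'
  become: true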
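# Binds the interface named by network_interface to the home zone.
# NOTE(review): without --permanent this looks like a runtime-only binding,
# which the "Reload firewalld" task at the end of this file may discard.
# Confirm whether the binding is meant to persist; if so it needs a permanent
# counterpart.
# NOTE(review): with no changed_when, this task reports "changed" on every
# run, even when the interface is already in the zone.
- name: Change interface to home zone
  ansible.builtin.command:
    # argv keeps the templated value inside one argument. With the free-form
    # cmd string, whitespace in network_interface would be split into extra
    # firewall-cmd arguments.
    argv:
      - firewall-cmd
      - --zone=home
      - "--change-interface={{ network_interface }}"
  become: true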
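# Enables every service listed in allowed_services in the home zone.
# This is additive: services already enabled in the zone (including any the
# distribution ships in its stock home zone definition) stay enabled, so
# allowed_services alone does not describe the full exposure. Audit the result
# with `firewall-cmd --zone=home --list-services`.
- name: Add allowed services to home zone
  # The firewalld module is shipped in the ansible.posix collection.
  ansible.posix.firewalld:
    service: "{{ item }}"
    zone: home
    # Only the permanent configuration is written (immediate is not set), so
    # the services become active once firewalld is reloaded.
    permanent: true
    state: enabled
  loop: "{{ allowed_services }}"
  become: true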
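# Read the current setting first, so the change below runs (and reports
# "changed") only when the host differs from the desired state.
- name: Read current firewalld log-denied setting
  ansible.builtin.command:
    argv:
      - firewall-cmd
      - --get-log-denied
  register: firewalld_log_denied
  changed_when: false
  # Read-only query: run it in check mode too so the condition below has data.
  check_mode: false
  become: true

# Logs rejected and dropped packets of every type ("all"), which gives
# detection and incident response a record of blocked traffic. On an exposed
# interface this can be high volume, so make sure the kernel log is rotated
# and forwarded.
- name: Enable logging for denied packets
  ansible.builtin.command:
    argv:
      - firewall-cmd
      - --set-log-denied=all
  when: firewalld_log_denied.stdout | trim != 'all'
  become: true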
# Asks systemd to reload the firewalld unit so the permanent configuration
# written earlier in this file takes effect. Runtime-only firewalld changes
# made before this point are not kept across a reload.
# This task runs on every play, whether or not anything changed.
- name: Reload firewalld
  become: true
  ansible.builtin.systemd:
    state: reloaded
    name: firewalld